The Most Vulnerable IoT Devices: Think Before You Buy This Black Friday


With the shopping season approaching, it’s likely that internet-connected gadgets and toys will be a popular item on many users’ wish lists, as more than 88% of people use IoT (Internet of Things) devices in their households.

However, cybersecurity experts warn: Internet of Things devices can quickly go from fun to creepy, depending on how hackable they are.

“Enormous Black Friday discounts can rush customers into buying some very questionable gadgets. However, Internet of Things devices is widely known among experts for low-security measures they usually have installed. There is a joke going around: ‘The S in IoT stands for security’. So, it’s best to think before bringing any new IoT device to your household, as it can easily compromise the whole network,” says digital security expert at NordVPN, Daniel Markuson.

Globally, 1.5 billion attacks have occurred against IoT devices in the first six months of 2021. Out of the recent attacks, the most significant one happened in March of 2021, when a group of hackers gained access to 150,000 of Verkada’s smart security cameras used inside hospitals, companies, police departments, prisons, and schools.

As a result, criminals were able to see videos from women’s health clinics, psychiatric hospitals, Tesla Inc., and Verkada’s offices itself.

Which IoT devices are too dangerous to buy?

There are two main aspects that can determine the level of vulnerability of certain devices. First, innovation. If a product is new and doesn’t have a lot of competition on the market, it is usually less tested before the release and is thus more dangerous for a user.

“IoT device makers are in a rush to sell the new gadgets as quickly as possible. This means that they are shipping them out with the minimum features required for them to function, shortening the development process and cutting costs as much as possible. So, if we take the innovation aspect into consideration, the most dangerous devices are those that are too new to be widely used and thus tested,” Markuson concludes.

Another aspect is the cybercrime economy. Criminals usually target those devices that bring them the biggest value. Because of that, the most vulnerable devices are those that store the most sensitive information, which can, later on, be used to manipulate users into paying ransoms.

For example, if criminals take over a user’s baby monitor, they can observe the child and everything that is happening in his or her room and convince a parent that they have much more valuable information than just those recordings. A similar attack happened in January of 2019 when a mother from Western Australia noticed a major security breach of her device as she saw a stranger’s bedroom on the screen of her baby monitor.

“This aspect makes smart cameras (owned by 16.4% of users), speakers (28.2%), and TVs (57.1%) the riskiest, as they store the most sensitive information about their users,” Markuson explains.

“I would also pay special attention to the Wi-Fi router I buy. It doesn’t store a lot of personal information but creates a network that connects all the devices in the user’s household. So, once a criminal hacks your Wi-Fi router, they can get access to all of your IoT devices.”

What to consider before spending your money on a new device

“IoT devices are useful, fun, and really do make our lives easier. So, when you decide to save a coin while purchasing them during the Black Friday sales, do so with consideration to your future privacy and safety,” says Daniel Markuson and provides some tips. 

  • Look into the privacy issues associated with the devices you purchase. Look up tech sites that dig into privacy and security issues or buy devices certified by organizations like ioXt.
  • Avoid buying devices that are too new to be properly tested. You might miss out on innovation, but you will also miss out on the risks associated with a possibly rushed product.
  • Think if you really need the device. Research shows that people who have more devices are also more vulnerable to hackers’ attacks.
  • Take proper care of your device once you purchase it. As soon as you set up a new device, change its default login and password and turn off the features you won’t use. Also, don’t forget to update your device regularly and install a VPN if possible.

Edited by Luis Monzon
Follow Luis Monzon on Twitter
Follow IT News Africa on Twitter