According to the study, three quarters of UK consumers are concerned about how smart devices are using their data without permission, with 67% worried about these devices eavesdropping. These worries come despite a high level of technical competency, with almost two thirds (64%) well aware of using encryption to protect themselves, and 76% understanding how to apply security updates on a regular basis. However, the poor user interface on many IoT devices can make it difficult to apply this knowledge, increasing the risk of outdated software patches and consequently, security flaws.
This lack of trust is reinforced by the survey’s findings that almost half (43%) of UK consumers admitted that they do not trust IoT devices to handle data responsibly, and the same percentage (43%) not believing that IoT devices would stop unauthorised data access. There have been many well-publicised occasions when IoT devices have been recruited into botnets, which can mine cryptocurrency, carry out DDoS attacks or even distribute malware in turn.
“Currently, not enough is being done to strengthen the security and privacy of consumer IoT devices. We need suppliers of consumer-grade IoT devices and services to adoptIoT security and privacy principles in the production of their devices. Adoption of these principles will protect the network, its users, and critical information infrastructure from cyber threats,” explains Frédéric Donck, European Regional Bureau Director for the Internet Society.