Subscribe to our Newsletter | To Post On IoT Central, Click here


Mobile World Congress and the Pain in Spain

Mobile World Congress and the Pain in Spain

As Mobile World Congress kicks off in Barcelona this week, Avast, a security company, has a warning for the citizens of Spain: There are over 5 million vulnerable IoT devices across the country.

Now this of course is meant to grab attention at a very noisy show, and any connected country has parity with Spain I'm sure, but nonetheless, the experiment conducted by Avast is worth a look. The findings identified more than 493,000 smart devices in Barcelona and 5.3 million in Spain overall – including smart kettles, coffee machines, garage doors, fridges, thermostats and other IP-connected devices – that are connected to the internet and vulnerable to attacks.

The experiment found:  

  • Over 5.3 million vulnerable smart devices – including webcams and baby monitors – in Spain, and more than 493,000 in Barcelona alone
  • More than 150,000 hackable webcams in Spain and more than 22,000 in Barcelona
  • More than 79,000 vulnerable smart kettles and coffee machines in Spain
  • More than 444,000 devices in Spain using the Telnet network protocol, which is a type of protocol that has been abused to create the Mirai botnet which attacked Dyn in 2016, leading to the crash of Internet sites like Twitter, Amazon, Reddit, etc.

Conducted in partnership with IoT search engine specialists Shodan.io, the experiment proves just how easy it is for anyone - including cybercriminals - to scan IP addresses and ports over the Internet and classify what device is on each IP address. And, with a little extra effort and know-how, hackers can also find out the type of device (webcam, printer, smart kettle, fridge and so on), brand, model and the version of software it is running.

"With databases of commonly known device vulnerabilities publicly available, it doesn’t take a vast amount of effort and knowledge for cybercriminals to connect the dots and find out which devices are vulnerable,” said Vince Steckler, CEO at Avast. “And even if the devices are password protected, hackers often gain access by trying out the most common usernames and passwords until they crack it.”

The company says users need to contribute to making the online world a safer place by keeping software updated and choosing strong, complex passwords. Unfortunately, that is not going to happen, by either the consumer or the manufacturer.  As we've reported before, the real answer is this.

E-mail me when people leave their comments –

David Oro is the Editor at IoT Central

You need to be a member of IoT Central to add comments!

Join IoT Central

Upcoming IoT Events

More IoT News

Answering your Huawei ban questions

A lot has happened since we uploaded our most recent video about the Huawei ban last month. Another reprieve has been issued, licenses have been granted and the FCC has officially barred Huawei equipment from U.S. networks. Our viewers had some… Continue

IoT Career Opportunities