Skip to main content

Top 5: What IoT devices are at risk from cyber-attack?

24th March 2025

Internet of Things devices (often labelled ‘smart’ devices) are usually connected to the internet. You may not think these sorts of devices would be vulnerable to cyber-attack, but as they frequently contain personal information, they can be appealing to cyber criminals.

Here is our list of the IoT devices most likely to be targeted and how to give them the best protection:

1. Smart Speakers

Vulnerability: Voice Command Spoofing – hackers can mimic a user’s voice to give unauthorised commands to the device, using pre-recorded or deepfake audio.

Defence: use voice recognition features that can distinguish between different voices. Enabling MFA (multi-factor authentication) for more sensitive actions is also encouraged.

2. Smart Thermostats

Vulnerability: Data Interception – data that is sent from the thermostat to the server can be intercepted if it isn’t encrypted. This can pose a real-life threat as it could indicate to criminals when you are going to be in your home and when you are not.

Defence: ensure the thermostats uses encrypted communication protocols, has a strong password and consider using a VPN.

3. Smart Cameras

Vulnerability: Unauthorised Viewing – attackers can gain access to the camera feed, enabling them to spy on your activities (again, a real-life threat as it informs them when your home is likely empty).

Defence: Use encryption and strong passwords on the camera feed as well as updating the firmware regularly for the more up to date protection.

4. Fitness Trackers

Vulnerability: Data Theft – criminals can access health and location data stored on the device, valuable information that can easily be taken advantage of.

Defence: regularly update firmware, use strong passwords and review privacy settings to control who has access to your data.

5. Smart Appliances

Vulnerability: Unauthorised Control – bad actors can gain control over smart TVs, ovens or refrigerators, potentially causing it to malfunction, posing a physical threat to the user in their home.

Defence: use strong passwords, both for the device and your Wi-Fi network, as well as updating regularly.

The reason that these devices are so vulnerable isn’t because an attack on them is highly likely – there is a much higher chance of your PC or phone being targeted – but because we don’t consider these devices as being ‘online’ in the same way, we sometimes forget to put the same measures in place. Follow our advice though, and your IoT devices stand a better chance of remaining secure.

For more expert IT advice, talk to Interfuture Security HERE.

Back to top