Security News > 2021 > September > Why your IoT devices may be vulnerable to malware
What about your Internet of Things devices? A new survey from password manager NordPass reveals that many IoT devices are saddled with their default passwords, making them an open target for cybercriminals.
In a survey of 7,000 people across Australia, Canada, France, Germany, the Netherlands, the UK and the United States, NordPass found that only 33% of users changed the default passwords on their IoT devices.
Beyond sticking with the default passwords, many users failed to properly secure their IoT devices in other ways.
Among the respondents, only 36% changed the default password on a router, only 20% added a VPN to a router, and just 13% said they chose to buy IoT devices based on strong security features or not buy devices based on weak security features.
Over the past few years, the lack of proper IoT security has led to a variety of incidents in which cybercriminals actively hit devices with default or weak passwords.
In 2017, the BrickerBot malware tried to log into IoT devices with weak security as a way to run malicious commands designed to disable them.