The Current IoT Security Landscape and Why It's So Bad

Author: ModuSafe Team
Published: Jun 29, 2025
Reading Time: 12 min
Category: Security

Anyone remotely connected to the cyber security world will know that the security landscape for IoT is absolutely appalling. Because of the vast number of IoT devices connected to networks, they have become the first port of call for attackers looking to gain access, initiate botnet attacks or just generally wreak havoc on people’s lives.

What is a Botnet?

Think of a botnet like a puppet master controlling thousands of puppets at once, except the puppets are computers, phones and other devices belonging to regular people who don't even know their devices are being controlled. A botnet happens when hackers secretly install bad software (called malware) on people's devices through things like clicking on suspicious links, downloading infected files, or visiting dangerous websites. Once this bad software is installed, the hacker can now remotely control that device without the owner knowing anything is wrong. Their computer or phone becomes a "zombie" that follows the hacker's commands.

The scary part is that hackers don't just control one device. They control thousands or even millions of devices all at the same time, creating a massive army of zombie computers. With this army, hackers can do really bad things like crash websites by flooding them with fake traffic (imagine 100,000 people trying to enter a small store at once), send millions of spam emails, steal people's personal information, like passwords and credit card numbers, or even use people's computers to mine cryptocurrency (digital money), which makes the hacker rich while making the victim's computer slow and their electricity bill higher. The worst part is that most people whose devices are part of a botnet have no idea it's happening; their computer might just seem a little slow.

The Mirai Botnet

In 2016, 3 people created the Mirai Botnet. They were named Paras Jha, Dalton Norman, and Josiah White. They originally created the botnet as an extortion scam designed to take down Minecraft servers. However, the source code for the malware was made open source by a user "Anna-senpai".

When the malware became open source, it evolved into a tool to create botnets from IoT devices. IoT devices are prime targets for botnets, simply because of the sheer volume of them that can be accessed. Most households have 1, maybe 2 computers, whereas smart homes have multiple smart devices in every room.

It's easy to think IoT devices are just smart lights, voice assistants and thermostats, but the technology extends to places people don't think about. Baby monitors, TVs, alarm systems, DVRs, set-top boxes (like Sky boxes) and routers are all considered IoT.

What Was it Used to Do?

The most notable use of Mirai was to bring down Dyn. When the company Dyn was targeted by the Mirai botnet in October 2016, they were a prominent internet performance management and DNS provider based in the US. Dyn offered managed DNS, traffic management, email delivery, and internet intelligence solutions to a global clientele, helping companies monitor, control, and optimize their online infrastructure for speed, reliability, and security.

Their services were essential for many major websites and platforms, which is why the Mirai DDoS attack caused widespread internet outages affecting companies like Twitter, Amazon, Netflix, and PayPal.

Why Does It Matter?

Even though the original Mirai botnet is well known, cybercriminals keep creating new versions of it. They look for smart devices like security cameras, routers, and other gadgets that still use default passwords or haven’t had their software updated. Once these devices are hacked, attackers can use them together to launch big attacks on websites or steal private information.

Baby Monitors

Back in 2020, baby monitors with web-based interfaces were being accessed by attackers. The NCSC advised people to change settings when setting up their monitors, but even this advice didn't extend to a large number of devices. Unsecured traffic, weak passwords and outdated firmware are providing entry points for attackers to monitor these devices, and if that wasn't bad enough, these insecurities also gave attackers an entry point to the rest of the network, giving access to every single device connected.

The reality of baby monitor hacking is absolutely terrifying for parents. Imagine strangers being able to watch your baby sleep, listen to private conversations in your home, or even speak directly to your child through the monitor's speakers. There have been documented cases where hackers have used baby monitors to spy on families for weeks or months without being detected. In some instances, attackers have shouted at children through the speakers, causing distress and trauma.

What makes baby monitors particularly vulnerable is that many parents set them up quickly without changing default settings, assuming they're secure out of the box. Most baby monitors connect to Wi-Fi networks and many stream video directly to the internet so parents can check on their children from work. However, this convenience comes with massive security risks. Attackers can easily find these devices using simple internet searches, as many baby monitors broadcast their presence online with weak or no authentication.

Even worse, once hackers gain access to a baby monitor, they often use it as a stepping stone to attack other devices on the same network. Your baby monitor could be the gateway that allows criminals to access your laptop, steal your personal files, or even access your home's smart security system. The baby monitor becomes a digital backdoor into your entire home network.

IoT and Ransomware

Ransomware, malicious software that locks up your files until you pay a ransom, is now targeting more than just computers. Hospitals, factories, and even smart home devices are being hit. Sometimes, attackers use simple tricks like plugging in a USB stick to infect a device.

In 2025, there's been a noticeable increase in these attacks, causing real problems for businesses and critical services.

Think of ransomware like a digital kidnapper - it takes your important files hostage and demands money for their safe return. What's scary is that this digital kidnapping is now happening to IoT devices, not just computers. When ransomware hits a hospital's smart medical equipment, it's not just about money anymore - it's literally about life and death. Doctors can't access patient records, medical devices stop working, and surgeries have to be cancelled. In 2025, several hospitals have had to turn away emergency patients because their entire network was locked down by ransomware that started with a simple infected smart thermostat.

Factories are getting hit too. Imagine a car manufacturing plant where all the smart robots that build cars suddenly stop working because they've been infected with ransomware. The entire production line grinds to a halt, costing millions of dollars every hour. In one recent case, attackers gained access to a factory's network through an infected smart coffee machine in the break room, and from there spread ransomware to the entire production system.

The really sneaky part is how these attacks start. Criminals often use "USB drops" - they leave infected USB sticks in parking lots or near buildings, hoping curious employees will plug them into work computers. Once plugged in, the malware spreads like wildfire through the network, infecting every connected device. Other times, they exploit weak passwords on IoT devices like security cameras or smart printers. Once they control one device, they use it as a launchpad to attack everything else on the network.

Data Breaches

Some companies that make or manage smart devices don't protect the data they collect very well. Early in 2025, a huge leak exposed billions of records, including Wi-Fi passwords and device IDs. Hackers can use this information to break into other networks or spy on what people are doing online.

The scale of IoT data breaches is mind-boggling. Your smart devices are constantly collecting information about you - when you're home, when you're away, what you watch on TV, what you say to your voice assistant, even how you move around your house. All this personal data gets sent to companies' servers, and when those servers get hacked, your entire private life becomes public.

The 2025 breach mentioned above exposed over 2.7 billion records containing not just Wi-Fi passwords and device IDs, but also location data showing exactly when people were home or away, voice recordings from smart speakers, video footage from security cameras, and even personal conversations recorded accidentally by voice assistants. Criminals are now using this stolen data to plan burglaries - they know exactly when houses are empty and can even see inside homes through hacked security cameras.

What makes IoT data breaches particularly dangerous is that most people don't even know their devices are collecting this information, let alone that it's being stored on company servers. Unlike a credit card breach where you can cancel your card and get a new one, you can't change the layout of your house or erase years of personal conversations. This stolen data can be used against you for years to come.

The worst part is that many IoT companies treat security as an afterthought. They rush to get their smart gadgets to market without properly securing the data they collect. When breaches happen, some companies don't even notify customers for months, leaving people vulnerable without knowing it. It's like having your house broken into but the security company doesn't tell you for half a year!

Hackers Are Using AI to Make Attacks Stronger

Cybercriminals are starting to use artificial intelligence (AI) to find new ways to attack smart devices. AI helps them create new types of malware, find weak spots faster, and launch bigger attacks. This makes it even more important for everyone to keep their devices updated and use strong, unique passwords.

The combination of AI and cybercrime is creating a perfect storm of danger. Criminals are now using AI to scan the entire internet and automatically find vulnerable IoT devices in minutes rather than hours or days. Think of it like having a super-smart robot that can check millions of devices instantly, looking for ones with weak passwords or outdated software. Once it finds vulnerable devices, the AI can automatically hack them and add them to botnets without any human involvement.

AI is also being used to create more convincing phishing attacks. Criminals can now use AI to generate fake voices that sound exactly like your boss, family members, or trusted companies. They might call you, pretending to be your bank and use AI to perfectly mimic your bank manager's voice, tricking you into giving away passwords or personal information. AI can even analyze your social media posts to create personalized scam messages that are incredibly convincing because they reference your real interests, friends, and activities.

Even scarier, AI is helping criminals develop new types of malware that can learn and adapt. Traditional antivirus software works by recognizing patterns in known malware, but AI-powered malware can constantly change its code to avoid detection. It's like a shape-shifting virus that becomes invisible to security software. This AI malware can also learn about your network and find the best ways to spread to other devices, making infections much more difficult to stop.

The speed at which AI can operate means that attacks can happen faster than humans can respond. While security experts are still analysing one attack, AI-powered systems have already launched a thousand more. This is why keeping devices updated and using strong, unique passwords is more critical than ever - it's one of the few defences that can slow down these AI-powered attacks.

What is the Problem

IoT devices have lots of issues from a security standpoint:

  • Insecure communication
    • Often, data sent wirelessly over the network is left with no encryption, in complete plaintext. This means data streams for devices like cameras can simply be captured out of the air without even being on the network.
  • Lack of firmware updates
    • Our phones, laptops, computers etc. get updates from the manufacturer almost every month, yet sometimes it feels like nothing changed. However, these updates are essential to the security of your device. They are called security patch updates and are used to keep your devices secure by updating antivirus, fixing vulnerable code and more. IoT devices often don't receive these updates and thus their firmware is left to age until it becomes insecure. This happens a lot quicker than you think.
  • Password policies
    • Most IoT devices make use of passwords, whether it’s a password for a network that you connect to in order to set it up, a password to access the device's controls, or a password that isn't even available to you and is used in the programming of the device itself. However, most of the time, the passwords these devices are shipped with are insecure, basic and easily cracked. This wouldn't be so much of an issue if the device prompted you to change it, but they don't, and even worse, some of the devices don't even allow you to change it.

Passwords and Why They Matter

Passwords may seem irrelevant, but insecure passwords allow hackers to access devices easily, without having to generate backdoors or find some other vulnerability. It’s the equivalent of just walking through the door of someone's house because they don't have a lock.

And if this isn’t bad enough, almost all devices don't even give you the choice to configure 2FA, a secondary method of verification to make sure it is you accessing the device.
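To make the problem list and the 2FA point above concrete, here is an added example (not part of the original post) that audits a home device inventory for those same weaknesses: plaintext services, ageing firmware, factory or unchangeable passwords, and missing 2FA. The inventory columns, the one-year firmware threshold and the sample devices are all assumptions constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (not real devices); the columns are assumptions.
INVENTORY_CSV = """name,open_services,firmware_date,password_state,two_factor
nursery-cam,rtsp;http,2021-03-10,default,no
living-room-tv,https,2025-05-02,changed,no
dvr-garage,telnet;http,2019-11-20,fixed,no
home-router,https;ssh,2025-04-15,changed,yes
"""

# Services that send data, including logins, without encryption.
PLAINTEXT = {"http", "telnet", "ftp", "rtsp", "mqtt"}
MAX_FIRMWARE_AGE_DAYS = 365  # assumed threshold; tune to the vendor's release cadence


def audit_device(row, today):
    """Return the list of findings for one inventory row."""
    findings = []
    exposed = sorted(PLAINTEXT & set(row["open_services"].split(";")))
    if exposed:
        findings.append("plaintext services: " + ", ".join(exposed))
    age = (today - date.fromisoformat(row["firmware_date"])).days
    if age > MAX_FIRMWARE_AGE_DAYS:
        findings.append(f"firmware is {age} days old")
    if row["password_state"] == "default":
        findings.append("factory password still set")
    elif row["password_state"] == "fixed":
        findings.append("password cannot be changed: isolate or replace")
    if row["two_factor"] != "yes":
        findings.append("no 2FA configured")
    return findings


def audit_inventory(text, today):
    """Audit every device and return (name, findings) pairs, worst first."""
    rows = csv.DictReader(io.StringIO(text))
    report = [(r["name"], audit_device(r, today)) for r in rows]
    return sorted(report, key=lambda item: len(item[1]), reverse=True)


if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY_CSV, date(2025, 6, 29)):
        print(f"{name}: {len(findings)} finding(s)")
        for finding in findings:
            print("  -", finding)
```

Devices whose password state is "fixed" are reported separately because changing the password is not an option for them, so the only remedies are network isolation or replacement.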

Conclusion

We can see how bad IoT security is, and how bad it has been since IoT became popular. People think security is a right that is just included as standard, but that is just not the case. Security is thought of as a "privilege", but this shouldn't be the case.

The real-world examples talked about in this post aren't the only times IoT has let us down; there are more news articles just like them out there. Cyber security is becoming an important topic in today’s technical landscape, and we should all be taking it more seriously.
