Thousands of Smart Homes and Businesses at Risk of Data Breach

Cybercriminals can now gain access to smart homes through misconfigured Message Queuing Telemetry Transport (MQTT) servers. The MQTT protocol is used to interconnect and control smart home devices via smart home hubs. Cybersecurity firm Avast found over 49,000 MQTT servers that were publicly visible on the Internet due to a misconfigured MQTT protocol. There were also about 32,000 servers that were not password protected. Severe security vulnerabilities may arise if the MQTT is not implemented or configured correctly. The issues can be exploited by cybercriminals to gain complete access to a smart home i.e. they can watch if the owner is home or not, and check if smart doors and windows are opened or closed. Security researcher at Avast, Martin Hron said, "Consumers need to be aware of the security concerns of connecting devices that control intimate parts of their home to services they don't fully understand and the importance of properly configuring their devices."

- Direct Quote from Gartner

Full Story

Sources: IT Pro Portal, Gartner