IoT
10/25/2018
12:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Explosive IoT Growth Slowed by 'Early Adopter Paradox'

Extensive multi-year F-Secure consumer survey finds the consumers most excited about connected home devices are also most aware of the privacy risks

Helsinki, Finland — October 24, 2018: Adoption of the internet of things (IoT) continues to explode but it could be even more transformative, a new F-Secure survey finds. The consumers most eager to purchase new connected devices tend to delay or avoid new IoT purchases due to privacy or security concerns. This “Early Adopter Paradox” is creating an opportunity for operators who are already uniquely positioned to secure connected homes. 

F-Secure has conducted nearly 20,000 consumer interviews in the United States and Europe over the last 5 years.* The research finds:

  • Early adopters love the IoT: 9 out of 10 say that they’re excited about the technology.
  • Privacy concerns, however, hold back new investments in smart home devices: 74 percent of early adopters say they’re looking to purchase connected home devices, but  two-thirds have delayed an IoT purchase because of privacy concerns.
  • Early adopters connect more: 38 percent of U.S. internet users spend more than 4 hours online a day; this rises to 45 percent for early adopters
  • Cyber security savvy rises: 62 percent of U.S. consumers know what ransomware is compared to 37 percent in 2015
  • Users shift to mobile: the share of Americans using desktop PCs has fallen 6 percent since 2015 as the percent that uses Android smartphones has increased 10 percent and iPhone use is up 9 percent
  • Homes are getting “smarter:” Nearly one in four U.S. homes, 22 percent, use a digital assistant such as Amazon Alexa or Google Home, a category that didn’t exist in 2015; this is almost double the 12 percent of Europeans who use such devices 

“U.S. consumers are moving to connected devices by choice to enhance their lives and by necessity, given that it’s almost impossible to find a TV that isn’t considered ‘smart’ today,” says F-Secure Operator Consultant Tom Gaffney. “But these numbers might be even higher if consumers, especially the consumers most open to considering new technology had more confidence in the IoT.”

There’s a considerable threat to consumers due to inadequate regulations regarding security and privacy on the IoT.

“Early adopters’ worries about protecting their personal data are valid, considering the current issues challenging devices that stay online all the time yet aren’t normally secured in the way the most PCs and many smartphones are,” says Gaffney.

In March of this year, Interpol, the International Criminal Police Organization, warned, “All devices which can connect to the Internet – collectively called the ‘Internet of Things’ or IoT – are potentially at risk of a cyberattack.”*** In early August, the FBI warned that cyber actors illegally use IoT devices for malicious activities that could spike consumers’ internet service bills and threaten the reliability of their internet connection.****

F-Secure’s international network of decoy “honeypot” servers used to track the latest cyber threats network continues to find that variations of Mirai are the most prevalent malware in circulation.***** Mirai targets IoT devices, including cameras and routers, and was used in 2016 to carry out one of the largest denial of service attacks against internet services in history.

“The good news is that there is a simple solution to securing connected home devices and it comes from a source consumers already invite into their living rooms,” says Gaffney. “As the average household moves toward the use of dozens of connected devices at one time, the demands on service providers will only increase. F-Secure is delivering a comprehensive router-based solution that protects the entire home so that our partners are ready for what we know is coming next.”

 

*Source: F-Secure surveyed 19,200 consumers in January and February of 2014, 2015 and 2018.

**Source: https://fsecureconsumer.files.wordpress.com/2018/01/f-secure_pinning-down-the-iot_final.pdf

***Source: https://www.interpol.int/News-and-media/News/2018/N2018-007 
****Source: https://www.ic3.gov/media/2018/180802.aspx

*****Source: https://blog.f-secure.com/world-cup-malware/

 

 

More information

F-Secure Blog: Privacy Concerns Cooling IoT Adoption in the U.S. and Europe

 

 

About F-Secure

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.

 

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

 

f-secure.com twitter.com/fsecure | facebook.com/f-secure

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.