Off-the-shelf connected devices, such as baby monitors, home security cameras, thermostats and doorbells are easily hackable, warn researchers at Ben-Gurion University.
They found that the majority of consumer devices are riddled with security flaws, making them easy targets for cyber criminals.
In an ongoing research project, the researchers are examining a range of IoT devices for security flaws. The research is focusing on technology that is intended for use in so-called smart homes.
After dissembling and reverse engineering a plethora of common internet-enabled devices, the researchers said that they "quickly uncovered serious security issues".
It is truly frightening how easily a criminal, voyeur or paedophile can take over these devices
Dr. Yossi Oren, a senior lecturer in BGU's department of software and information systems engineering, said it is worrying how quickly attackers can compromise such devices.
"It is truly frightening how easily a criminal, voyeur or paedophile can take over these devices," he said.
"Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products."
When conducting a controlled experiment, the ethical hackers were able to bypass security mechanisms in a matter of minutes.
Omer Shwartz, a Ph.D. student working on the project, explained: "It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand.
"Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely."
Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely
The researchers said the main reason that hackers can compromise these devices is because they are "poorly secured". For instance, devices under the same brand often use the same default passwords.
Dr Oren said manufacturers need to "stop using easy, hard-coded passwords, to disable remote access capabilities, and to make it harder to get information from shared ports".
He explained: "It seems getting IoT products to market at an attractive price is often more important than securing them properly."
Ethical hackers were able to bypass security mechanisms in a matter of minutes
Yael Mathov, who also helped out on the project, said the threats far outweigh the benefits of connected devices at the moment.
"The increase in IoT technology popularity holds many benefits, but this surge of new, innovative and cheap devices reveals complex security and privacy challenges," he said.
He continued: "We hope our findings will hold manufacturers more accountable and help alert both manufacturers and consumers to the dangers inherent in the widespread use of unsecured IoT devices."
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away