Off-the-shelf connected devices, such as baby monitors, home security cameras, thermostats and doorbells are easily hackable, warn researchers at Ben-Gurion University.
They found that the majority of consumer devices are riddled with security flaws, making them easy targets for cyber criminals.
In an ongoing research project, the researchers are examining a range of IoT devices for security flaws. The research is focusing on technology that is intended for use in so-called smart homes.
After dissembling and reverse engineering a plethora of common internet-enabled devices, the researchers said that they "quickly uncovered serious security issues".
It is truly frightening how easily a criminal, voyeur or paedophile can take over these devices
Dr. Yossi Oren, a senior lecturer in BGU's department of software and information systems engineering, said it is worrying how quickly attackers can compromise such devices.
"It is truly frightening how easily a criminal, voyeur or paedophile can take over these devices," he said.
"Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products."
When conducting a controlled experiment, the ethical hackers were able to bypass security mechanisms in a matter of minutes.
Omer Shwartz, a Ph.D. student working on the project, explained: "It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand.
"Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely."
Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely
The researchers said the main reason that hackers can compromise these devices is because they are "poorly secured". For instance, devices under the same brand often use the same default passwords.
Dr Oren said manufacturers need to "stop using easy, hard-coded passwords, to disable remote access capabilities, and to make it harder to get information from shared ports".
He explained: "It seems getting IoT products to market at an attractive price is often more important than securing them properly."
Ethical hackers were able to bypass security mechanisms in a matter of minutes
Yael Mathov, who also helped out on the project, said the threats far outweigh the benefits of connected devices at the moment.
"The increase in IoT technology popularity holds many benefits, but this surge of new, innovative and cheap devices reveals complex security and privacy challenges," he said.
He continued: "We hope our findings will hold manufacturers more accountable and help alert both manufacturers and consumers to the dangers inherent in the widespread use of unsecured IoT devices."
Campaigners want US authorities to break-up Instagram, WhatsApp and Messenger into separate companies
The perception of the industry as "a white man in a hard hat" is limiting new applicants, says Hayaatun Sillem
Almost two years late - and just as AMD is readying 7nm Zen 2 for early 2019
Eye-wateringly expensive smart speakers take just six per cent market share, claims Strategy Analytics