Dawes Centre for Future Crime at UCL


Policy brief: How secure is consumer IoT?

This research explored crime associated with the ‘Internet of Things’ (IoT), security features of devices and consumers’ willingness to pay for security.

Download the policy brief (PDF) 

The IoT brings internet connectivity to every-day electronic devices, allowing them to collect and share data over networks. IoT devices in the home range from speakers and smart televisions, to app-controlled burglar alarms and fridges. The IoT promises benefits in efficiency and functionality to make our homes, offices and cities ‘smarter’, but they also provide opportunities for crime.  

For example, some devices (including ‘security’ cameras) lack basic password functionality or allow the use of default passwords, which can easily be guessed or even found on forums. Such vulnerabilities have been exploited to conduct Distributed Denial of Service (DDoS) attacks, which are used to make a website or online service unavailable. One such attack, which took place in 2016 knocked Twitter, Netflix and the Guardian Newspaper offline during the attack. Vulnerable internet enabled devices can also be targeted to steal personal information, including credit card details. 

While security should be designed into devices, there is little incentive for manufacturers to do so consistently. Moreover, at the point of purchase, consumers are not provided with simple information to help them assess the security of devices.  

Lead researchers:
Professor Shane Johnson, Principal Investigator (Dawes Centre for Future Crime), Dr John Blythe (CybSafe), Professor Matt Manning and Dr Gabriel Wong (Australian National University).

Funder & Key Contributors:
This work was carried out by the Dawes Centre for Future Crime at UCL. This briefing was produced in partnership with Florence Greatrix at UCL STEaPP’s Policy Impact Unit. The research was funded by the Dawes Centre for Future Crime at UCL and the PETRAS Internet of Things Research Hub. 

Output type:
Policy briefing 

More details of the research and links to research publications are available here.