Less than a third (31 per cent) of consumers in the UK perform firmware updates on their devices as soon as they become available, a new report by Ubuntu Core, a Canonical company working on connected devices, says. Four in ten (40 per cent) have never updated the firmware on their devices, ever. This leaves them extremely vulnerable to cyber-attacks, because firmware updates are usually designed to patch security holes.
Without these patches, the devices are left vulnerable to known attacks, and hackers take advantage of it. What’s also interesting is that a significant number of consumers don’t even think it’s their responsibility to keep their devices up-to-date and protected. A quarter (22 per cent) thinks software developers should worry about it, and 18 per cent think this should be the device manufacturer’s obligation. Also worrying is the fact that almost half (48 per cent) didn’t even know thinks like routers could be used to spy on their owners, or to launch cyber-attacks.
More than 2,000 UK consumers participated in the creation of the report.
“These findings highlight a dangerous disconnect between industry guidelines and the behaviours and understanding of the average consumer,” commented Thibaut Rouffineau, Head of Devices Marketing - IOT, Phone, PC at Canonical Ltd. / Ubuntu.
“Purely educational approaches to IoT security aren’t working, so the IoT industry must step up, take charge and stop placing the full burden of security at consumers’ doors. For IoT to truly succeed, we need regulators to force manufacturers to assume the costs and liabilities associated with security failures, better automatic mechanisms to fix vulnerabilities remotely and we need to actively ban the dreaded ‘default password’, as Canonical has done with Ubuntu Core 16.”
Image source: Shutterstock/Sergey Nivens