IoT devices may be cool and high tech, but the dangers they invite can be disastrous, especially for businesses. For the 62% of US adults who use connected devices and the businesses that rely on them, security should be top priority. So why isn’t it?

In September 2015, the FBI issued an official warning from its home base. Informing the public of the unique dangers involved with bringing IoT devices into the home or office, they expressed to users to proceed with caution, be aware, and take necessary precautions. However, it would appear this warning has gone completely unheeded.

Most IoT devices are designed, manufactured, and supported with convenience in mind, rather than with security in mind. While, yes, IoT devices are convenient, it may lead to more trouble than it’s worth. UPnP, or Universal Plug and Play Protocol is one of the most popular methods of IoT set-up. It takes but a moment and most anyone of any skill level can be successful. But the benefits end there. This process is so quick and easy because it does not require even the most rudimentary levels of authentication.

With low levels of industry-wide standards, poor security defaults, and difficult to patch firmware, many IoT devices are left defenseless. The worst was realized in 2016 with the Mirai botnet attack. Responsible for taking down huge portions of the web including Reddit, Twitter, and even. Netflix, the Mirai hack targeted Dyn, one of the largest DNS companies in the world. The damage resulted in the largest DDoS attack ever and was made possible through gaining access to computers and IoT devices by using default passwords. Passwords could have been reset beforehand. Hacks to IoT devices are harder to detect than “standard” hacks, and allow hackers to bypass more secure devices once gaining access. After all, a network is only as strong as its weakest device.

This infographic below details the current state of IoT security (or lack thereof) and how users can protect themselves, their data, and the integrity of devices.

Infographic Courtesy of Cyber Security Degrees