A recent report from internet security vendors Avast has revealed that, while commonly-found home devices such as printers and security cameras are frequently exposing home networks to cyber risk, game consoles are at the opposite end of the spectrum, posing a much lower risk.

The research, which was conducted using the Avast Wifi Inspector, revealed that 35.8 percent of printers in Australian homes were exposed to cyber attacks due to weak credentials and lack of security updates, but only 0.5 percent of game consoles had the same issue.

Luis Corrons, security evangelist at Avast, suggests that: “Game consoles are pretty much closed systems. They can only run programs that are pre-approved by the game console vendor, and their business model relies on that, since they earn money for every game that is sold no matter who the developer might be. Therefore these vendors take security very seriously, so as to avoid running unauthorised code.”

As the game console has evolved over time, games themselves have become much more interactive and come to rely on internet connectivity for multi-user game play, buying additional games and value packs, online chatting, downloadable content and game demos.

“Nowadays most game consoles are connected to the Internet as users want to play online, and that allows them to get updated automatically, without users needing to consider updating or patching their device manually. Therefore, most game consoles are in a state where they are always running the latest software, are fully updated and not exposed to vulnerabilities,” said Corrons.

Printers on the other hand are connected to the home network. People do not pay much attention to them, except when they need to print documents. Since this action is performed from their PC or laptop, there is very little direct interaction with the printer, which generally stays ‘out of sight, out of mind’ so long as it is working properly.

Updates to a printer, or other networked device such as Network Attached Storage (NAS) or security cameras, generally need to be performed from a computer, and are usually not configured to happen automatically.

“We know that when an update relies on the final user, it often won’t happen. Also, computers are the most targeted devices, and most of the attacks that we see on printers will come from a compromised computer,” said Corrons.

A link to the full report can be found here:

cdn2.hubspot.net/hubfs/4…b_2019.pdf

News From
Avast