Last month the company Netscout, set up a honeypot to see how long it would take for an Internet connected (IoT) device to be attacked once it was connected to the web. Hold on to your socks. It takes an astounding 5 min for hackers to try to login to your device using a default password. That is all you have to change that default password, 5 min. Wait longer than that and they gain access.
Should you successfully get your password changed, you are not in the clear yet. Attack number two will happen in less than 24 hours. That is when criminals will try to use known vulnerabilities to hack into the device. This gives you less than 24 hours to update its firmware/software and patch those vulnerabilities.
Why should you care if someone gets access to your IoT device? Once accessed the hackers can make your device part of a botnet and use it to attack other organizations or companies by distributing malware or perpetrating a DDoS attack.
Should you get a cool IoT device for Christmas whether it is a Google Home, Echo Dot, smart light bulbs or a smart thermostat, change the default password immediately and download and install any updates. Not only will you be protecting your device, but you will be making the Internet a safer place for everyone.