AI vs AI: CyberKnight Experts Warn That Smart Homes and Critical Infrastructure Are the Next Battleground in Cybersecurity

As AI reshapes both defense and offense in cybersecurity, experts from CyberKnight — Ayman Sharaf (Senior Business Development Manager), Muhammad Abdulla Marakkoottathil (Senior Product Manager), and Faiz Aftab (Business Unit Head) — are sounding the alarm on the growing vulnerabilities in smart home devices and the escalating threat of AI-driven attacks. In an exclusive conversation, they explain why most connected devices remain insecure despite basic safeguards, how AI is transforming the cyber threat landscape, and why a Zero Trust, AI-powered defense strategy is now essential to protect households, businesses, and national infrastructure.

Why are most smart home devices still vulnerable despite basic security measures?
Muhammad: Smart devices are electronic gadgets uses Wi-Fi, Bluetooth etc. to control remotely and automate tasks using voice or timer etc. Some of the examples are like bulbs, curtain controller, washing machine, refrigerator, motion detectors, water level controller on the tanks and security monitoring devices like Cameras, doorbells, locks Smart home devices typically run on a combination of firmware and software platforms that enables connectivity, control and automate. Smart home devices could be vulnerable primarily due to following:

• Lack of firmware updates: Devices often lack automatic updates or support ends prematurely, in this case attacker can make use software exploit control these devices.
• Weak default credentials: Many devices ship with default usernames/passwords that users don’t change. And many cases these default credentials are still available to the vendor or organization engineers implemented setup. Example if the IP and password of the camera app is shared for malicious activities, it can jeopardize the privacy of the homeowner
• Limited user awareness: Consumers may not understand the risks or how to secure their devices and full functionality before and after making the purchasing decisions. This could be a typical case with any security cameras resolutions or disk capacity to playback the camera feeds.
• Interoperability issues: Devices from different vendors may not follow consistent security standards, example would be if the curtain controller, gate automation and lighting system from different vendors it may not allow to manage and operate the system from a single management system due to interoperability issues.

Ayman: Many devices are made cheap and fast, so companies don’t focus enough on security. Some devices don’t get software updates, or support stops after a short time. Also, many people don’t change the default passwords or don’t use a secure home network.

Faiz: Most often, people prefer convenience and low cost. They select the plug-and-play devices that come with weak default passwords, don’t get regular updates, or don’t have the power to run strong protection. On top of that, people often forget to change settings or update devices, which leaves them open to attacks.

How are cybercriminals using AI to launch advanced attacks — and how can AI fight back?
Muhammad: Cybercriminals are individuals or groups who use computers, networks, and digital technologies to carry out illegal activities. According to recent studies, there has been a 47% increase in AI-enabled attacks globally in 2025. The future of cyberwarfare appears to be a battle between AI engines. Some of the attack methods and AI techniques used by cybercriminals include:

• Phishing Attacks: AI generates highly convincing, personalized emails by analyzing user behavior, language patterns, and social media data. These emails are difficult to distinguish from legitimate ones, increasing their success rate.
• Malware Development: AI helps create polymorphic malware that constantly changes its code to evade antivirus and endpoint detection systems.
• Brute Force and Password Cracking: Machine learning algorithms analyze password patterns and user habits to predict and crack passwords more efficiently.
• Social Engineering: AI scrapes data from social media and public records to craft highly targeted attacks, including mimicking voices or creating deepfake videos.

The AI can fight back the attack most effectively if the organization or individual make use of the zero-trust kind of framework on top of AI based solution collectively to mitigate the attacks rather than tool-based approach. As the approach may use multiple mechanisms such as listed below.

Continuous authentication and authorization for devices, users, and APIs:

• Micro-segmentation
• Behavioral analytics
• Automated threat response
• Dynamic policy enforcement
• Data protection

For example, a smart thermostat tries to access cloud storage, or financial information – AI can detect unusual behavior and block the access and alert the user and AI investigate where the device was compromised and recommend actions.

Ayman: Criminals use AI to create very realistic phishing emails, fake voices or videos (deepfakes), or write malware faster. On the other hand, defenders can use AI to watch network traffic, find strange behavior quickly, and respond faster than humans alone.

Faiz: Cybercriminals play with people’s emotions. They use AI-driven social engineering attacks to understand how people behave and trick them into making mistakes. They use AI-powered phishing by creating convincing fake emails and messages that trick you into giving away your personal information. On the other side, AI can also help us fight back by spotting unusual behaviour in devices, blocking suspicious activity in real-time, and even fixing or isolating infected devices automatically.

What advanced steps can households and businesses take beyond passwords and updates?
Muhammad: Households should adopt a holistic approach to security rather than relying on one or two isolated solutions. Key practices include:

• Adopting a Zero Trust Model: Segment the home or office network, classify users and data, and restrict access to only what is necessary. Implement continuous verification using multi-factor authentication (MFA) and monitor device behavior regularly.
• Using AI-Based Security Solutions: These solutions can detect and respond to threats in real time by correlating various behavioral patterns to identify anomalies and potential risks.
• Securing Devices: Regularly update firmware, disable unnecessary features, and use encryption to protect data both at rest and in transit.
• Awareness Training: Educate family members and employees about common cyber scams and safe browsing practices to reduce human error and improve overall security posture.

Ayman: Some steps could include:

• Putting smart devices on a separate Wi-Fi network (guest network) away from work or personal computers.
• Turning on multi-factor authentication (MFA) where possible.
• Using a router or app that shows unusual connections.
• Buying devices from companies that follow international security standards (like ETSI EN 303 645).

Faiz: Some steps could include:

• Turning on multifactor authentication
• Putting smart devices & IOT devices on a separate Wi-Fi network from your important work devices.
• Using strong, unique passwords for every device. Avoid reusing passwords from other accounts.
• Using security tools that can detect and block intruders.
• Regularly checking which devices are connected to your network.

What cybersecurity strategy needs to be adopted to counter AI-driven threats?
Muhammad: A robust strategy is essential to counter AI-driven threats. As AI becomes increasingly embedded in cyberattacks—from deepfake impersonations to automated phishing and adversarial malware—organizations must evolve their cybersecurity approaches to stay ahead. A modern strategy involves leveraging AI for defense, such as anomaly detection and behavioral analytics, while adopting a Zero Trust framework to secure identities and access. Data protection through encryption and privacy-preserving AI techniques is critical, along with hardening AI models against manipulation. Equally important is fostering a security-aware culture through training and simulations and ensuring rapid response capabilities with AI-assisted incident handling. By combining advanced technology, strong governance, and human vigilance, businesses can build resilient defenses against AI-driven threats.

Ayman: Organizations should use both AI tools and human experts together (automation plus human review). They need to share information about new threats between companies and government. Regular security testing (like penetration tests) is also important to simulate AI attacks.

Faiz: We need to be proactive, not just wait for an attack. This means the Zero-trust model must be in practice. We should never assume that a user or device is safe by default. Each device and user has to go through the authentication process before getting access to the network. Organizations should have AI tools to monitor the network 24/7 and advanced security tools to detect and block intruders. Make sure your devices are not directly exposed to the internet. Use firewalls and disable remote access unless you really need it. There should be a training and awareness campaign to keep the team updated with the latest threats and measures to be taken. A backup and recovery plan must be in place in case of any breach.

How can manufacturers, providers, and regulators work together to secure smart devices?
Muhammad: Manufacturers, service providers, and regulators each play a critical role in securing smart devices, and their collaboration is essential for a resilient IoT ecosystem:

1. Manufacturers are responsible for embedding security by design—ensuring devices have secure firmware, regular patching capabilities, strong authentication mechanisms, and minimal default vulnerabilities. They must also provide transparency about data usage and security features.
2. Service Providers (e.g., ISPs, cloud platforms) must ensure secure connectivity, monitor for anomalies, and offer secure onboarding and management of devices. They act as a bridge between users and devices, often managing updates and threat detection.
3. Regulators set the baseline through policies, standards, and compliance frameworks. They enforce accountability, promote best practices (like NIST or ETSI standards), and protect consumer rights by mandating disclosures and breach reporting.

Ayman: Some of the steps include:

• Following clear security rules and standards (like no default passwords, must have software updates).
• Having a system for reporting and fixing vulnerabilities quickly.
• Regulators can stop unsafe devices from entering the market.

Faiz: Here are my thoughts:

• Manufacturers should build vendor-agnostic devices with strong security from the start, and they can be integrated with third-party security tools as per demand.
• Providers should provide secure connections and push automatic updates and alerts.
• Regulators should enforce the safety standards for the IOT & OT devices and should be practiced. This should be monitored and checked regularly within or specific time frame
• All three together should share Cyber threat information and work as a team.

What risks do insecure smart devices pose to critical infrastructure and public safety?
Muhammad: Insecure smart devices pose a wide range of risks that can impact individuals, organizations, and even national infrastructure. These risks include:

• Privacy breaches: Devices may collect sensitive personal data (e.g., audio, video, location) that can be intercepted or leaked.
• Unauthorized access: Weak authentication or default credentials can allow attackers to take control of devices remotely.
• Botnet recruitment: Insecure devices can be hijacked and used in large-scale attacks like DDoS (e.g., Mirai botnet).
• Data manipulation: Compromised devices can alter or falsify data, affecting decision-making in critical systems like healthcare or industrial control.
• Network infiltration: Once inside a network, attackers can use smart devices as entry points to access other systems.
• Physical safety risks: In cases of smart locks, cameras, or medical devices, insecurity can lead to real-world harm.

Securing these devices requires collaboration between manufacturers, service providers, and regulators to ensure robust design, secure deployment, and ongoing oversight.

Ayman: Hackers can use insecure devices as entry points to bigger systems (like cameras, locks, sensors). Devices can also be hijacked into botnets and used for large cyberattacks that affect governments or companies.

Faiz: Insecure smart devices, a subset of the Internet of Things (IoT), pose significant and escalating risks to critical infrastructure and public safety by providing new entry points for malicious attacks. Attackers can exploit weaknesses in these devices—such as weak default credentials, outdated software, and unencrypted data transmission—to launch cyberattacks that disrupt essential services, steal sensitive data, and even cause physical harm. In homes, hacked devices like locks, cameras, or even health monitors could put people’s safety at risk. They can even use insecure devices to disrupt power grids, transport, or communication.

How can consumer awareness be improved to reduce smart device vulnerabilities?
Muhammad: Consumer awareness and device vulnerabilities are closely linked in the context of smart device security. When consumers lack awareness about the risks and best practices—such as changing default passwords, updating firmware, or recognizing insecure connections—they inadvertently increase the attack surface for cyber threats. Vulnerable devices, especially those with outdated software or weak authentication, become easy targets for exploitation. On the other hand, informed consumers are more likely to choose secure products, configure them properly, and maintain them over time, reducing overall risk.

Improving customer awareness about smart device vulnerabilities requires a mix of education, transparency, and engagement. Manufacturers and service providers should offer clear, user-friendly guidance on device setup, security features, and update procedures. Public awareness campaigns, tutorials, and in-app prompts can help users understand the risks and best practices—like changing default passwords or enabling automatic updates. Regulators and consumer advocacy groups can also play a role by mandating labeling standards (e.g., security ratings) and promoting digital literacy. Ultimately, empowering users with knowledge and tools is key to reducing vulnerabilities and building a safer smart device ecosystem.

Ayman: Share simple steps: change default passwords, enable automatic updates, use a guest Wi-Fi network, unplug devices when not needed. Use short videos, stickers on device boxes, and instructions in local languages to teach users.

Faiz: Public campaigns through social media to teach people how to protect devices. Clear security labels on devices so buyers know how safe they are. A user guide must be provided along with the devices to change the default username and passwords and to integrate with multi-factor authentication. Free or low-cost training programs for families and small businesses. User must use devices from the manufacturers that are approved by the local regulatory authority.