Internet of Things Comes With Alarming Security Risks, says HP Study

Internet of Things connected homeInternet of Things (IoT) devices could be “alarmingly” vulnerable to hackers and malware, and trigger major security risks, according to a study by Hewlett-Packard.

The companys security business unit, Fortify, investigated ten of the most popular devices in the connected home market, spanning several connected home areas, such as home themostats, sprinkler controllers, TVs, webcams, home alarms and hubs for controlling multiple devices. The majority of these devices utilised cloud-based computing and all used mobile apps to access and control them remotely.

Of the devices studied, 80 per cent failed to require passwords of adequate length or complexity, while 70 per cent were deemed vulnerable to being hacked. 80 per cent also put users at risk of having their personal details intercepted through their cloud services.

70 per cent used unencrypted network services, while 60 per cent had user interfaces that were vulnerable to attack by hackers through a variety of methods. In addition, 70 per cent would allow an attacker to identify user accounts through a process called account enumeration.

In a statement, HP said: “Late last year, we were hearing a lot about Internet of Things, and a bit about IoT security, but had not seen anything that focused on the complete picture of IoT security, i.e. all the various surface areas that represent the IoT ecosystem. So, we decided to start the OWASP Internet of Things Top 10 Project, which aims to educate on the main facets of Internet of Things Security that people should be concerned with.”