Majority of IoT devices 'vulnerable' to cyber attacks says HP

Security

by CBR Staff Writer| 05 August 2014

25 vulnerabilities were discovered per IoT device.

Internet of Things (IoT) devices contain numerous flaws which can make them highly vulnerable to cyber attacks, a new report has found.

About 70% of the most commonly used networked devices contain flaws a the HP report noted.

Despite averaging 25 vulnerabilities per product, the number and diversity of connected devices is anticipated to rise exponentially, with Gartner forecasting that IoT device numbers are to rocket to 26 billion units by 2020.

HP Enterprise Security Products VP Mike Armistead said: "While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface.

"With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats."

HP found that of the overall 10 of the most popular IoT devices scanned, on average, 25 vulnerabilities were discovered per device, totalling 250 security issues across all tested products.

Of the overall vulnerabilities, HP found that eight of the 10 devices tested raise privacy issues concerning the collection of consumer information including name, email address, home address, date of birth, credit card credentials and health information.

About 80% of IoT devices failed to necessitate passwords of required complexity and length, with a majority of them allowing passwords such as '1234'.

As part of tests, about 70% of IoT devices were not able to encrypt communications to the internet and local network, while half of the devices' mobile applications executed unencrypted communications to the cloud, internet or local network.

Furthermore, HP found that six of the 10 devices raised security concerns with their user interfaces, while 60% of them did not use encryption when downloading software updates.

Gartner anticipates that the IoT product and service suppliers would generate incremental revenue surpassing $300bn, mostly in services, in 2020.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

744 people like this.
0 people follow this.

Security Intelligence

Buy the latest industry research online today!
See more

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.