Seven out of ten of the most commonly used Internet of Things (IoT) devices have "serious vulnerabilities", according to tech company Hewlett-Packard (HP).
Tests revealed 250 flaws across the devices, including privacy concerns in eight cases, weak password policies in the same number, and a lack of transport encryption in seven cases.
Daniel Miessler, practice principal at HP, said: "The current state of Internet of Things security seems to take all the vulnerabilities from existing spaces - network security, application security, mobile security and Internet-connected devices - and combine them into a new, even more insecure space, which is troubling."
Six of the devices had user interfaces that concerned the company, and the same number had troubling software or firmware, including unencrypted updating protocols.
"IoT security is not just a consumer problem," Miessler added.
"Corporations need to be looking at how their ICS (industrial control) and SCADA (supervisory control and data acquisition) systems fare when looked at under a similar light."
The devices investigated included a television, a home thermostat and a door lock, with most of items said to include some form of cloud service.
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.
M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...
Established in 1957, BCS, The Chartered Institute for IT, promotes wider social and economic progress through the advancement of information...