Many interconnected devices are plagued by very simple vulnerabilities

Jul 30, 2014 20:59 GMT  ·  By

A report from HP Security Research, created after analyzing popular devices in the most common Internet of Things (IoT) areas, shows that the number of vulnerabilities for each of the items assessed should cause sufficient reasons to worry.

Information, personal and sensitive in nature, was found to benefit from the least degree of protection, as the devices included vulnerabilities of the entire spectrum of complexity, from Heartbleed to denial of service and weak passwords.

TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers were on the list of tested devices, and all of them could be controlled from a mobile gadget; in some cases, cloud service would be available.

It appears that 90% of these devices collected personal information, while 70% communicated over the network without any form of encryption. Moreover, 80% did not offer the user the possibility to enable strong passwords, forcing them to rely on a weak one by today’s industry standards.

Given all these risks, it is clear that all devices composing the IoT should be subject to proper security assessment and standards regulating protection measures.

However, IoT is still at the beginning, and it has been seen that adoption of a product on a wider scale also brings stronger security, as a wider audience has the opportunity to find weaknesses, which, in turn, leads to implementing the necessary fixes.