The promise of the ever-expanding Internet of Things (IoT) brings excitement to many. However, cyber criminals also show interests in it according to a study done by tech giant Hewlett-Packard (HP).
The company’s Fortify application security unit analyzed the ten most popular consumer IoT products available and discovered a staggering 250 different security flaws. The average for each product was found to be 25 vulnerabilities. While HP refrains from explicitly naming the products, a rough classification was given. These products originated from manufacturers of “TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales, and garage door openers.”
In general, these devices usually operate on stripped-down versions of the Linux operating system. Even so, they still share many similar basic security concerns of servers or computers running Linux. The troubling part arises when these devices are not given the same level of security measures as a traditional computer by the builders.
HP’s Fortify unit VP and general manager, Mike Armistead, attributes this problem to manufacturers who are in a haste to release their products without committing to substantial security measures to buffer the devices against basic kinds of attacks.
The situation can escalate when one compromised device overlaps vulnerabilities with another, leading to a chain attack. Remember the notorious Target breach when an attack on the store’s heating and ventilation system led to compromised information on over 70 million customers.
The study also revealed alarming security gaps in today’s IoT devices. A significant number of devices did not require strong passwords, encrypted data while communicating with the Internet or a local network, or even during software update downloads. This puts them at risk of significant cyber threats. Further, nine out of the ten devices collected personal data, such as an email address, home address, name, or date of birth.
The extent of the Internet of Things remains an estimate; however, the research firm Gartner predicts it could encompass 26 billion individual devices by 2020.
As Armistead unquestionably puts it: “For a hacker, that’s a pretty large new target to attack.”
Therefore, consider yourself warned.
source: Arik Hesseldahl/Recode, Techmeme
This article was updated in 2025 to reflect current trends and insights.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
