HP report highlights security vulnerabilities in IoT-enabled devices

Research from HP of 10 Internet of Things (IoT)-enabled devices has found on average 25 security flaws per unit, including denial of service and Heartbleed.

The research, alongside Symantec’s study of wearable devices last week, pours cold water on widespread usage of wearables in the enterprise markets.

“A couple of security concerns on a single device such as a mobile phone can quickly turn to 50 or 60 concerns when considering multiple IoT devices in an interconnected home or business,” the paper warns.

The researchers analysed IoT devices from all over the home, from TV manufacturers to thermostats, with the majority including some form of cloud service.

The stats were worrying. Only one in five devices analysed asked for passwords of “a sufficient complexity and length”. In case you’re wondering what this supposed complexity it is, the report notes that most devices allowed ‘1234’ as a password, which is about as strong as a non-alcoholic beer.

Similarly, seven of the 10 devices analysed used unencrypted network services, which is more worrying when you consider nine out of 10 collected at least one piece of personal information, be it from the device, the cloud, or the mobile app.

Gartner’s latest Hype Cycle puts IoT firmly at the top of the hype section – with wearable user interfaces just ahead – and given Gartner predicts the Internet of Things will comprise 26 billion units by 2020, there’s still a long time to go here.

It’s something the paper acknowledges, although the final page of the report is chock-full of ideas to improve matters. The researchers advocating conducting a security review of devices, implement security standards that all devices must meet before production, and ensure security is a consideration throughout the product lifecycle.

This isn’t particularly thrilling advice, but it’s solid best practice that will result in a lot less hacks.

Check out the full report here.


https://www.iottechexpo.com/northamerica/wp-content/uploads/2018/09/all-events-dark-text.pngInterested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

Leave a comment


This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.