HP has revealed that 70 per cent of connected devices are open to security threats as manufacturers rush to sell devices before they’re ready.
Internet of Things State of the Union Study found that 10 of the most popular Internet of Things (IoT) devices including TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers could be hacked.
On average, each IoT device had 25 vulnerabilities, including those linked to privacy, insufficient authorisation, lack of transport encryption, insecure web interfaces and inadequate software protection.
Daniel Miessler is a practice principal with Fortify on Demand, who conducted the study on behalf of HP. He said: “We hope that this study will help consumers, SMBs, corporations, and manufacturers to gain some level of improved understanding of their risk related to Internet of Things security, and to place some focus on the issues highlighted in the report when making decisions in the future.”
The study said the biggest concern was privacy, and detailed how information such as name, address, date of birth, health information and even credit card numbers were easily revealed on the devices tested.
Many of the devices also allowed users to input insecure passwords such as ‘1234’, which were used for multiple accounts installed on the devices, so that hackers could access much more than just your email account.
HP’s research also found that neither data on the device, nor software updates, were encrypted sufficiently, plus data sent using the web browser could potentially allow hackers to intercept sensitive information.
The report concluded: “A world of interconnected ‘smart’ devices is here, albeit in the early stages. By 2020, Gartner predicts, the Internet of Things will be made up of 26 billion ‘units’.”
Fortunately, there’s still time to secure devices before consumers are at risk, it said, but manufacturers must take action now to ensure products coming off production lines are free of vulnerabilities.
HP’s report is only the latest in a string of security warnings for smart home technology, with many smart TVs shown to be vulnerable to attack.
Hackers were recently challenged to break into a range of broadband routers at the DefCon 22 event.