How Secure Is the Internet of Things?
With a worldwide recognition of smart devices security and privacy issues have escalated as dramatically as never before.
As we’ve already mentioned in our recent post, a large number of IoT devices, from household appliances to tracking systems, have become widely adopted by consumers. Gartner estimates that 25 billion connected "Things" will be in use by 2020. Such expectations naturally bring up a lot of security questions, because the more devices are connected, the less control can be obtained over them. Therefore, IoT is a perfect platform for hackers to attack individuals and reveal sensitive personal data.
It means that most devices which can collect and store personal data, such as smart TVs, wearables, door locks, medical appliances, etc. are exposed to hacking attacks.
According to Internet of Things Research Study made by Hewlett Packard, 70 percent of the most commonly used Internet of Things (IoT) devices contain serious vulnerabilities.
What are the main weak points discovered in smart devices?
Different smart devices collect sensitive information such as credit card data, date of birth, and even health information. What if the attacker successfully cracks the Wi-Fi password and gets access to the local network? Moreover, some devices send the information unencrypted and use cloud services, and this questions the privacy of transmitting the information.
Weak authorization process
Allowing simple passwords is a commonplace practice of many smart devices. Stepping on the same rake, most devices together with their cloud and mobile components do not require passwords of sufficient complexity and length.
Software is a driving force of any device. It’s rather alarming that some devices showed issues with no encryption during the downloading of the update.
Some cloud services have logical errors, which can allow an attacker to obtain sensitive customer information or access devices without authentication.
Probably the main issue stems from the fact that there is still no antimalware products for IoT devices. If malware infiltrates a smartphone, other connected devices are at risk. When interacted with a smartphone, smart devices can be compromised for a long time.
Security companies conduct many reports that highlight the main security-related problems. All of the abovementioned issues should be a good incentive for the producers to improve protection throughout all levels.
Source: Hewlett Packard Research, Internet of things research study 2015 report, published November, 2015, http://h20195.www2.hp.com/V2/GetDocument.aspx?docname=4AA5-4759ENW&cc=us&lc=en