Home Business IT Security Internet of Things is '70 percent hackable'

Internet of Things is '70 percent hackable' Featured

The Internet of Things is promising a heady future of connected homes and connected businesses but hackers are currently threatening the outcome, according to a new study from multinational tech firm Hewlett-Packard.

The study looked at 10 kinds of Internet of Things gadgets, such as smart TVs, webcams and thermostats, and found 70% of all Internet of Things devices are hackable.

It found there was average of 25 different vulnerable points in each device, meaning 250 vulnerabilities across just 10 devices. That's a lot of legroom for hackers to move, and may point to a potential future in which people's entire homes can be hacked.

The problems involved things like password strength, encryption software and a general lack of security checks for using the devices.

HP said in a statement: “Late last year, we were hearing a lot about Internet of Things, and a bit about IoT security, but had not seen anything that focused on the complete picture of IoT security, i.e. all the various surface areas that represent the IoT ecosystem. So, we decided to start the OWASP Internet of Things Top 10 Project, which aims to educate on the main facets of Internet of Things Security that people should be concerned with.

“Then earlier this year, we decided to use that project as a baseline for testing the top 10 IoT devices being used today. We bought them, shipped them to Craig Smith's home lab, and beat up on them for around three weeks.”

The biggest areas of wekness were:

  • Privacy concerns
  • Insufficient authorization
  • Lack of transport encryption
  • Insecure web interface
  • Inadequate software protection

That's not all. According to a recent Pew report, almost everything will be connected by the Internet of Things in the next twenty years or so, meaning locking down these devices and putting a focus on security should be a priority for both homes and businesses.

"As the number of connected IoT devices constantly increases, security concerns are also exponentially multiplied," the Pew report states.

"A couple of security concerns on a single device such as a mobile phone can quickly turn to 50 or 60 concerns when considering multiple IoT devices in an interconnected home or business. In light of the importance of what IoT devices have access to, it’s important to understand their security risk."

Tech news source Re/Code says the problem lies in the fact each of the devices are essentially tiny computers, and “the people building them aren’t going to the effort to secure them the way they would a more traditional computer.”

“As we connect the washing machine, as we connect the refrigerator; as your car now talks to Facebook, are we ready for this kind of interaction? Is the security in place?”

"A world of interconnected “smart” devices is here, albeit in the early stages," the report concludes.

"By 2020, Gartner predicts, the Internet of Things will be made up of 26 billion “units”. Fortunately, there’s still time to secure devices before consumers are at risk."

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

David Swan

David Swan is a tech journalist from Melbourne and is iTWire's Associate Editor. Having started off as a games reviewer at the age of 14, he now has a degree in Journalism from RMIT (with Honours) and owns basically every gadget under the sun.

Connect