View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Majority of IoT devices ‘vulnerable’ to cyber attacks says HP

25 vulnerabilities were discovered per IoT device.

By CBR Staff Writer

Internet of Things (IoT) devices contain numerous flaws which can make them highly vulnerable to cyber attacks, a new report has found.

About 70% of the most commonly used networked devices contain flaws a the HP report noted.

Despite averaging 25 vulnerabilities per product, the number and diversity of connected devices is anticipated to rise exponentially, with Gartner forecasting that IoT device numbers are to rocket to 26 billion units by 2020.

HP Enterprise Security Products VP Mike Armistead said: "While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface.

"With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats."

HP found that of the overall 10 of the most popular IoT devices scanned, on average, 25 vulnerabilities were discovered per device, totalling 250 security issues across all tested products.

Of the overall vulnerabilities, HP found that eight of the 10 devices tested raise privacy issues concerning the collection of consumer information including name, email address, home address, date of birth, credit card credentials and health information.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail

About 80% of IoT devices failed to necessitate passwords of required complexity and length, with a majority of them allowing passwords such as ‘1234’.

As part of tests, about 70% of IoT devices were not able to encrypt communications to the internet and local network, while half of the devices’ mobile applications executed unencrypted communications to the cloud, internet or local network.

Furthermore, HP found that six of the 10 devices raised security concerns with their user interfaces, while 60% of them did not use encryption when downloading software updates.

Gartner anticipates that the IoT product and service suppliers would generate incremental revenue surpassing $300bn, mostly in services, in 2020.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.