View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

‘Serious vulnerabilities’ on the Internet of Things

HP report raises more concerns about future of connectivity.

By Jimmy Nicholls

Seven out of ten of the most commonly used Internet of Things (IoT) devices have "serious vulnerabilities", according to tech company Hewlett-Packard (HP).

Tests revealed 250 flaws across the devices, including privacy concerns in eight cases, weak password policies in the same number, and a lack of transport encryption in seven cases.

Daniel Miessler, practice principal at HP, said: "The current state of Internet of Things security seems to take all the vulnerabilities from existing spaces – network security, application security, mobile security and Internet-connected devices – and combine them into a new, even more insecure space, which is troubling."

Six of the devices had user interfaces that concerned the company, and the same number had troubling software or firmware, including unencrypted updating protocols.

"IoT security is not just a consumer problem," Miessler added.

"Corporations need to be looking at how their ICS (industrial control) and SCADA (supervisory control and data acquisition) systems fare when looked at under a similar light."

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

The devices investigated included a television, a home thermostat and a door lock, with most of items said to include some form of cloud service.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.