New study shows 70 percent of home IoT devices vulnerable to attack

IoT seems so clean, safe, comfy even... but it isn't. (image via HP)

As technology continues to advance, some wonder if it’s becoming easier or more difficult to compromise personal information. That’s why HP decided to conduct a study that observed the vulnerabilities of home security systems managed by the Internet of Things; the results were horrifying.

HP took 10 IoT-connected Home Security Systems and tested them across various standards of network security, including assessing basic password strength, security posture variance and network vulnerabilities. The researchers did not reveal the names of the security systems tested, but they warned home owners to be mindful of security when choosing the right system for them, as all 10 of the units tested featured alarming security vulnerabilities.

All 10 of the home security systems tested easily enabled account harvesting using the Cloud. HP researchers were able to hack the Cloud and log into security systems fraudulently, giving them access to user information, location and security videos on home security units – and that’s not all. All 10 of the systems also allowed for incredibly weak passwords, such as “12345,” and did not exhibit account lockouts after failed login attempts. Other huge security weaknesses were observed as well, including the failure to encrypt software updates and inconsistency in network security strength across devices, exhibited by seven of the 10 systems. While these weaknesses may seem small, together, they allow for a significant increase in overall security risks. HP says it isn’t just a problem with IoT-connected Home Security Systems either, but in fact a bigger issue with the Internet of Things at large.

The aforementioned study was actually the second study executed by HP researchers testing the security of devices connected via the IoT. In a previous study, the researchers looked at 10 different devices and watched for network insecurity; once again, the results were unnerving. Each device exhibited roughly 20 network vulnerabilities, each. That’s a lot of opportunity for an average hacker to compromise the information of anyone relying on the newer technology.

The real issue with the IoT, according to HP, is the variance in network security across multiple devices. One household may have 10 various devices relying on one network. While it’s a dream come true for consumers, who can seamlessly use their devices with across-the-board connectivity, it’s also a dream realized for hackers looking for an easy target. Until the IoT can function as one secure, collective network, HP researchers argue it will continue to exhibit network insecurities that put consumers at risk of being hacked.

The prospective of keeping IoT networks secure is grim, according to HP researchers. Connecting hundreds of devices to the internet without strong security software to begin with is a ticking bomb, they argue. Hacking into home security systems allows for relatively untraceable home robbery. Uploading banking information and other personal information to the IoT may greatly increase the risk of identity theft as well. With any hope, HP’s recent studies will call developers to focus on enhanced network security in the face of a generation suffering from an insatiable thirst for instant gratification and ease-of-use. Until then, however, be careful in selecting a home security system that’s connected via the IoT, unless, of course, you like strangers watching you through your own security cameras. But, there’s no accounting for taste. 

C

See more news at:

http://twitter.com/Cabe_Atwell