HP Internet of Things Study Shows Majority of IoT Devices Contain Serious Vulnerabilities
Monday, August 4, 2014
Stuart Parkerson |
HP has released new research, The Internet of Things State of the Union Study, which reveals that 70 percent of the most commonly used Internet of Things (IoT) devices contain serious vulnerabilities.
The study is an outgrowth of HP’s OWASP Internet of Things Top 10 Project. The projects goal is to educate the IT community on the main facets of Internet of Things security that enterprises should be concerned with. HP decided to use that project as a baseline for testing the top 10 IoT devices being used today. HP bought these top 10 IoT devices, tested them and has now published the study, which looks at the testing results and provides insight into what the results mean.
HP found that on average there were 25 vulnerabilities found per device, totaling 250 vulnerabilities. The main types of vulnerabilities were: privacy concerns; insufficient authorization; lack of transport encryption; insecure web interface; and inadequate software protection.
HP suggests these thoughts to take from the report:
- Internet of Things security is not one-dimensional. You need to look at all the surface areas discussed in the report and in the OWASP Internet of Things Top 10 Project in order to have a complete view of your risk.
- IoT Security is not just a consumer problem. Corporations need to be looking at how their ICS and SCADA systems fare when looked at under a similar light.
- The current state of Internet of Things security seems to take all the vulnerabilities from existing spaces, e.g. network security, application security, mobile security, and Internet-connected devices, and combine them into a new (even more insecure) space, which is troubling.
Read more: http://fortifyprotect.com/HP_IoT_Research_Study.pd...
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here