8/4/2014 1:12:42 PM
HP Internet of Things Study Shows Majority of IoT Devices Contain Serious Vulnerabilities
App Developer Magazine

HP Internet of Things Study Shows Majority of IoT Devices Contain Serious Vulnerabilities

Stuart Parkerson Stuart Parkerson in Mobile Tech Monday, August 4, 2014

HP has released new research, The Internet of Things State of the Union Study, which reveals that 70 percent of the most commonly used Internet of Things (IoT) devices contain serious vulnerabilities.
The study is an outgrowth of HP’s OWASP Internet of Things Top 10 Project. The projects goal is to educate the IT community on the main facets of Internet of Things security that enterprises should be concerned with. HP decided to use that project as a baseline for testing the top 10 IoT devices being used today. HP bought these top 10 IoT devices, tested them and has now published the study, which looks at the testing results and provides insight into what the results mean. 
HP found that on average there were 25 vulnerabilities found per device, totaling 250 vulnerabilities. The main types of vulnerabilities were: privacy concerns;  insufficient authorization; lack of transport encryption; insecure web interface; and inadequate software protection.

HP suggests these thoughts to take from the report:

- Internet of Things security is not one-dimensional. You need to look at all the surface areas discussed in the report and in the OWASP Internet of Things Top 10 Project in order to have a complete view of your risk.

- IoT Security is not just a consumer problem. Corporations need to be looking at how their ICS and SCADA systems fare when looked at under a similar light.

- The current state of Internet of Things security seems to take all the vulnerabilities from existing spaces, e.g. network security, application security, mobile security, and Internet-connected devices, and combine them into a new (even more insecure) space, which is troubling.

Read more: http://fortifyprotect.com/HP_IoT_Research_Study.pd...


Your name and email will not be public or shared in any way.

A new way to manage your development projects

Learn the best ways to organize your app development projects, and keep code straight, clients happy, and breathe a easier through launches.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.

Starting your own app business?

How to create a profitable, sustainable business developing and marketing mobile apps.