With the rise of smart thermostats, wearable tech and even driverless cars, the Internet of Things is starting to become a reality. But new research by Hewlett Packard suggests password security and encryption issues could leave most of these current devices vulnerable to attacks.
The hardware firm found that 70% of Internet of Things (IoT) devices are vulnerable to security risks, new research from hardware giant HP claims.
HP tested ten devices to see how open they are to security risks and concluded that eight out of ten of the devices would potentially allow hackers to access data, such as the owner’s name, email address, home address, date of birth, credit card credentials and health information.
An even higher number (90%) revealed information about the device itself or the cloud or mobile application it was running.
Even devices with a password activated weren’t able to stop HP accessing the data. The report said 80% of the devices were easy to guess with many of the IoT devices allowing passwords of no complexity to be set up, such as 1234.
Encryption also posed a problem, as 70% of the devices tested didn’t encrypt information sent over the local network or wider internet, while 60% lacked app encryption for software updates.
Mike Armistead, vice president and general manager of Fortify Enterprise Security Products at HP, said: “With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats.
