The Internet of Things (IoT) has connected everything from smoke alarms to fridges and cars, making life easier and safer – but it has also given hackers a new way to attack their victims, warns HP.
In a study of the ten most popular IoT devices (which it did not name in its report) HP found 250 potentially dangerous security vulnerabilities.
The devices came from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.
All of the devices included remote smartphone applications which were used to control them.
It was found that 90 per cent of the devices collected personal information, 70 per cent transmitted that data on an unencrypted network and 60 per cent had insecure user interfaces. Eight out of ten failed to require a strong enough password.
There’s more at the link.
The real danger is that these devices inside your home are also inside the firewall provided with your wireless Internet router – in other words, if they’re designed or programmed with malicious intent, you’ll never know it until after they’ve done their job and compromised your security. In fact, unless you have very good tracing programs, you may never know that your security has been compromised. Think about it. In the not too distant future your light dimmer switch, or your TV remote, or your refrigerator, may be storing every login ID and password you use over the Internet, storing them, and sending them to a remote site either on a fixed schedule or on command. So much for your online bank accounts . . .
Personally, I’ll be avoiding anything linked to the ‘Internet of Things’ like the plague – and if I can’t avoid buying a ‘connected’ item (because there are no alternatives), I’ll be disabling its connectivity first thing, if necessary with a knife or a pair of pliers. I’ll also be using the most comprehensive monitoring software I can afford, to track anything in my home that’s trying to call out – and stop it.