internet of things 300x173 HP New Report Says Internet of Things is a Paradise for HackersAccording to forecasts by Gartner, by 2020 there will be in circulation of more than 26 billion connected devices. EMC Corporation forecasts the digital universe of Internet of Things has doubled every two years and may be increased 10-fold between 2013 and 2020 from 4.4 trillion to 44 trillion gigabytes. But at the same time, TV, webcam, refrigerators, ovens, thermostats, and a host of other smart devices will become an easy prey for hackers.

One study, conducted by the Division of HP Fortify unit has revealed the presence of a large number of vulnerabilities in 10 Internet of Things (IoT) devices. HP did not release the names of the producers, specifying only that the majority of them uses cloud services and all include a mobile app for remote control.

HP Security Research reviewed 10 of the most popular devices and found that most of the devices have high average number of vulnerabilities per device including Heartbleed, denial of service, weak password or cross site scripting. Specifically, it was confirmed that the presence of vulnerabilities included in the top 10 device is part of the Open Web Application Security Project (OWASP). The results are quite alarming, since a single bug may facilitate chain attacks, whereas in a smart home, there may be dozens of devices interconnected.

Almost 90 percent of the devices examined in the report collect personal information such as name, address, date of birth, email, credit card number, etc. that are transmitted in un-encrypted format over the local network and on the cloud, thus endangering the privacy of users. Nearly 80 percent of the device does not require the use of complex passwords. Six of the ten devices that provide user interfaces were vulnerable to a range of issues such as persistent XSS, poor session management and weak default credentials.

Moreover, over 70 percent of IoT devices with cloud and mobile applications enable a hacker to identify valid user accounts through account enumeration. In addition, the report says 60 percent of devices displayed issues, including no encryption during downloading of the update along with the update files themselves not being protected in some manner. In fact some downloads were intercepted, extracted and mounted as a file system in Linux where the software could be viewed or modified.

These devices often run on a stripped down version of Linux, and thus will contain many of the same potential security issues that you would expect on a server or another computer running Linux. The problem is that these devices are not developed with the same attention to security as the case with a more traditional computer and server.

Gartnet in a recent report unveiled that the top digital security trends for industries are software-defined security, big data security analytics, intelligent/context-aware security analytics, application isolation, endpoint threat detection & response, website protection, adaptive access, people-centric security and securing the Internet of Things.

HP recommends manufacturers to conduct extensive testing on their devices before handing over to users, because it is quite easy to fix vulnerabilities, without damaging the user experience of the users.

Hottest IT Skills in 2013 – Cloud, Mobile and BI
In 2012, more than 1.7 million jobs in the field of cloud computing remained unoccupied, according to analysts firm IDC. READ MORE
How Cloud Computing Influences Digital Marketing
Cloud marketing has the ability to drastically change the ways in which they reach and engage their audience, particularly with regard to distributing and storing mission-critical data. READ MORE
Gartner: BYOD to Take Center Stage For Mobile App Use by 2017
More and more companies encourage their employees to work on their devices, thus reducing the cost of computer equipment, but also increase the cost to maintain licenses and safety. READ MORE
Maturity in the Cloud: Start Thinking Like a Grown-Up
Despite the inclination to wait until all of the cloud’s kinks have been worked out, holding off on cloud initiatives until the industry matures won’t guarantee success. READ MORE
PwC: Cloud, SaaS and Mobile Are Changing Software Industry
The software industry is undergoing major changes by trends such as cloud, SaaS, mobile technology and the “consumerization of IT”. READ MORE
10 Cloud Computing Game Changers
Here are the ten most influential cloud computing companies, and the reason why. READ MORE