HP Fortify, in its recent Internet of Things Security: State of the Union study, revealed that 70% of these commonly used Internet-of-Things devices - TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers - contain security vulnerabilities.
The study was conducted using HP Fortify's HP Fortify on Demand, which scanned these devices for various security attributes that will expose these devices and their applications to various form of security attacks. Based on the study, the percentage of devices that failed to conform to these list of security concerns are: leakage of personal information: 80% percent, weak passwords: 80 percent, lack of transport encryption: 70 percent, insecure web interface: 60 percent and inadequate software protection: 60 percent.
According to HP Fortify, the test was conducted on these devices and their cloud, network and client applications components and the 10 IoT devices produced on average 25 vulnerabilities per device. HP Fortify also highlighted that given the estimate for the number of IoT devices in 2020 of 26 billion and expected revenue of USD300 billion, it is critical for manufacturers, end-users and cloud services and application providers, including network operators to ensure that these security concerns are well addressed across their IoT solutions and services offerings.
"While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface. With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats.”
- Mike Armistead, Vice President and General Manager, Fortify, Enterprise Security Products, HP
