Sunday, April 22, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Samsung QLED TVs Receive '100 Percent Color Volume' Certification
GSMA Delays eSIM Technology as U.S. DoJ of U.S. Probes Coordination With AT&T and Verizon
Apple to Replace Some MacBook Pro Laptop Batteries
ZTE's Nubia Red Gaming Phone Released
LG Display's OLED Smartphone Screens Still Not Ready For Apple
Nintendo Labo Kits Now Available
June's VLSI Symposium Focuses on Next Generation Transistor Technology and MRAM
Samsung Not Interested in Nokia's Health Unit
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > HP Says...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, July 29, 2014
HP Says Internet of Things Devices Are Vulnerable to Attack


An HP study revealed that 70 percent of the most commonly used Internet of Things (IoT) devices contain vulnerabilities, including password security, encryption and general lack of granular user access permissions.

With the rise of IoT, the number and diversity of connected devices is expected to increase exponentially. According to Gartner, "the Internet of Things" will include 26 billion units installed by 2020. IoT product and service suppliers will generate incremental revenue exceeding $300 billion, mostly in services, in 2020."

This spike in demand is pushing manufacturers to quickly bring to market connected devices, cloud access capabilities and mobile applications in order to gain share. While this increase in IoT devices promises benefits to consumers, it also opens the doors for security threats ranging from software vulnerabilities to denial-of-service (DOS) attacks to weak passwords and cross-site scripting vulnerabilities.

"While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface," said Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products, HP. "With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats."

HP scanned 10 of the most popular IoT devices, uncovering, on average, 25 vulnerabilities per device—totaling 250 security concerns across all tested products. The IoT devices tested—along with their cloud and mobile application components—were from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.

The most common and easily addressable security issues reported include privacy concerns, insufficient authorization, lack of transport encryption, insecure web interface and inadequate software protection, the study found.

For instance, HP said that 8 of the 10 devices tested, along with their corresponding cloud and mobile application components, raised privacy concerns regarding the collection of consumer data such as name, email address, home address, date of birth, credit card credentials and health information. Moreover, 90 percent of tested devices collected at least one piece of personal information via the product itself, the cloud or its mobile application. 6 of the 10 devices evaluated raised security concerns with their user interfaces such as persistent XSS, poor session management, weak default credentials and credentials transmitted in clear text. And 60 percent of devices did not use encryption when downloading software updates, an alarming number given that software powers the functionality of the tested devices.

To protect against security hazards that come along with the rise of IoT, it is imperative for organizations to implement an end-to-end approach to identify software vulnerabilities before they are exploited.

Further details resulting from the study are available at hp.com/go/fortifyresearch/iot.



Previous
Next
IBM, ACS And AT&T Claim Breakthrough In Elastic Cloud-to Cloud Networking        All News        China Starts Anti-monopoly Investigation On Microsoft
IBM, ACS And AT&T Claim Breakthrough In Elastic Cloud-to Cloud Networking     General Computing News      China Starts Anti-monopoly Investigation On Microsoft

Get RSS feed Easy Print E-Mail this Message

Related News
HP Introduces a new line of Gaming PCs
HP Introduces the HP Chromebook x2 $599 Detachable
HP Debuts New High-Performance Workstations
HPE and Dell Server Sales Soar in Q4
HP Launches Device as a Service for Apple
HP Delivers Revamped Elitebook and Zbook Lines, Additions to 4K monitor lineup and New Thunderbolt Dock G2
HP Boosts Performance of Z4 Workstation, Unveils VR Windows Mixed Reality Headset
CES 2018: HP announces the HP ENVY x2, HP Spectre x360 15, HP Z 3D Camera
HP Recalls 50,000 Laptop Batteries
HP Patches New Keylogger Software in its Laptops
HPE and Dell Continue to Lead the Storage and Server Markets
HP Patches Code execution Bug in Enterprise Printers

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .