#1
Enterprise Security
Choice
of DIGITAL WORLD
Security Flaws of Internet of Things
An ISO 27001 Certified Company
www.escanav.com
An alarming research has showed that around 70% of the most common IoT devices have security vulnerabilities. The study also discovered good number of flaws across various products tested. The tested device, along with cloud and mobile app elements, were from categories like TVs, webcams, home thermostats, remote power outlets and sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers. These were tested with manual and automatic tools and assessed their security rating according to the vendor neutral OWASP Internet of Things Top 10 list of vulnerability areas. The results raised significant concerns regarding user privacy and the potential for said devices and their cloud and app elements to be exploited by attackers. Some 80% of devices studied allowed weak passwords; 70% didn’t encrypt data transmissions out to the internet; 60% had cross-site scripting or other flaws in their web interface; and 60% didn’t use encryption when downloading software updates. In addition, 80% raised privacy concerns in terms of the sheer amount of personal data being collected, said HP. A total of 250 security concerns were uncovered across all tested devices, which boils down to 25 on average per device.