August 6, 2014
Security Concerns For The Internet Of Things
Eric Hopton for redOrbit.com - Your Universe Online
Gartner, one of the world’s leading technology research and advisory companies, is forecasting that by the year 2020 the number of installed Internet of Things (IoT) devices will reach a staggering 26 billion units, far outstripping the growth of other connected devices. This figure does not include PCs, tablets, or smartphones but is still thirty times greater than in 2009. Elsewhere, however, concerns are being raised about the security of IoT devices.Gartner describes the IoT as “the network of physical objects that contain embedded technology to communicate and sense or interact with their internal states or the external environment.” In their latest report the company predicts that on a global scale the “economic value-add through sales into diverse end markets” could be worth as much as $1.9 trillion.
Potential uses for IoT devices will include medical, industrial, agricultural, and even military applications with added functionality for automation, robotics, and safety applications.
The ability of the IoT to provide highly complex and accurate sensors and around the clock monitoring will see huge potential growth in the transportation and utility distribution fields. Financial and banking markets will benefit from improved security, mobile and micropayment systems and improvements in insurance underwriting as IoT monitoring will provide real-time data on things like home security and driving habits.
Gartner also foresees a big fall in component costs with processors being available for as little as $1 which will help meet the rising demand for IoT technology.
The rapid surge in IoT applications has the potential to revolutionize our everyday lives. But are the security implications of such rapid change being fully taken into account? A new report by HP Security Research suggests that there are already serious weaknesses and that, as the number of connected devices grows, “security concerns are also exponentially multiplied.”
As the report points out, a couple of security issues on a mobile phone, for instance, can become 50 to 60 potential problems when that device is part of an interconnected home or business IoT network.
The survey analyzed a wide range of devices including TVs, webcams, thermostats, sprinkler systems, multiple device control hubs, alarm systems and door locks. The findings showed that 90 percent of devices had collected personal information, yet 70 percent used unencrypted network services. 80 percent had insufficiently complex password requirements and 70 percent of devices “along with their cloud and mobile application enable an attacker to identify valid user accounts through account enumeration.” The majority of devices did not encrypt data that was transmitted via the internet or a local network. Six out of ten devices raised concerns with their web interfaces. There were also weaknesses in “cross-site scripting, poor session management and weak default credentials.”
The study recommends a number of actions users and manufacturers can take to address some of the problems. It suggests a thorough security review of all devices along with their associated components and the implementation of common “security standards that all devices must meet before production” as well as ensuring that “security is a consideration throughout the product lifecycle.”
As the Internet of Things continues its relentless exponential growth it seems that the security considerations it raises need to be addressed. This in itself is yet another potential growth opportunity for the internet security sector.
SHOP NOW: Honeywell Wi-Fi Smart Thermostat