As companies push the Internet of Things into the maintsream, it is security, not privacy, that remains the core concern.
Ted Harrington, executive partner with Baltimore-based Independent Security Evaluators, believes “smart” home items could be gateways to hacks.
“All these connected devices are connected to each other: So you compromise that light bulb as a pivot point … you pivot into the network the light bulb is a part of, and now you get the assets that are contained therein,” Harrington told The Globe and Mail—assets that could be personal information as critical as banking data or identity credentials. “Connected devices enable attackers. That stuff’s not safe right now,” he says of things as seemingly innocent as a thermostat.
Multiple recent reports on connected home security systems that suggests the emerging smart home trend could be putting consumers at higher security risks.
“All of the studied devices used in home security contained significant vulnerabilities,” an HP Fortify report warned, “including enumerable usernames, weak password policy and no account lockout … we continue to see significant deficiencies in the areas of authentication and authorization along with insecure cloud and mobile interfaces.”
Meanwhile, Symantec analyzed smart home devices and took a look at how they measure up when it comes to security. It and found “many of these devices and services have several basic security issues.”
“You attack the weakest device , and an IoT device usually has weak or no authentication with other devices on that same network,” Harrington told The Globe and Mail.