- The report was published by IoT software company Pepper, in collaboration with security firm Dark Cubed.
- It revealed that many devices had improper security implementations, making them vulnerable to large scale attacks.
IoT, which is going to be the norm in the next couple of years, is apparently plagued with security issues. An independent research report by Pepper IoT and Darkcubed showed frightening insights into how IoT devices were prone to cyber attacks. Due to their innate security shortcomings, IoT devices, especially those controlled by smartphones are majorly at risk.
Key Findings from the Report
- In the study, 12 IoT devices were reviewed for security issues.
- Most of them lacked basic security measures such as encryption and had a poorer security infrastructure.
- Android applications controlling some of these devices were too flexible with their security permissions. In addition, these apps were linked with other third-party websites.
- The IoT companies which manufactured these devices downplayed information security in their products.
- Data was sent to Chinese companies despite some of the manufacturers being from the US. Altogether, IoT related activity was deeply rooted in China.
- Cloud infrastructure used to manage the vast IoT information were deemed insecure.
- Systemic security issues were still present after patches were released for them.
Why it matters?
If these are not mitigated in the long run, IoT networks will crumble to the core. On top of this, there are no standard regulations concerning IoT security. “We found these devices made sensitive communications without encryption, were susceptible to man-in-the-middle attacks and had a staggering volume of third-party domains referenced in the Android application” read the report.
In addition, China is the epicenter of IoT activity meaning the extensive amount of data goes unregulated. Unless collective efforts are made by IoT companies, the government, and consumers of every country, IoT will be terrifying to use in the coming days.