IoT security vulnerabilities include password and encryption issues

By: Costea Lestoc
2 minute read
iot security

IoT smart devices are part of a very lucrative market, and consumer IoT spending is set to reach somewhere around $62 billion this year.

The influx of connected devices from our lives is continually increasing, so it’s no surprise that IoT security was one of the leading topics at 2018 RSA Conference. Don’t get your hopes too high, because this doesn’t mean that there’s also any flawless viable solution involved for the moment.

IoT devices are plagued by security issues

John Cook, Symantec’s senior director of product management, spoke at RSAC as well, saying that:

A lot of the manufacturing behind IoT devices today feels like the Gold Rush… everyone wants to get there in a hurry. You effectively have people staking out a claim in the area without further thought to security.

After the 2016 Mirai botnet attack which was created as a distributed denial of service attack via 300,000 vulnerable devices such as webcams, video recorders and routers showed the horrible effect of the lack of security in IoT devices. Unfortunately, nothing has notably changed so far.

ESET’s Tony Anscombe proved this by spending tons of time testing 12 IoT devices and found more security issues from encryption problems to passwords that were stored in plain text. He also addressed the issue during the RSAC referring to privacy policy concerns.

IoT device manufacturers see security as too pricey

Unfortunately, manufacturers are currently looking at security as if it were a costly alternative to other factors that low-power connected devices need. According to Fitbit’s Marc Brown, lots of IoT manufacturers would always choose using low power cheaper chips instead of stronger ones that provide a higher level of security.

Manufacturers are trading off encryption for low power chips, lower prices, storage space, and battery life,” Bown said.

What can manufacturers do to enhance security

The first step that manufacturers should take for increased security ould be to understand how a device will be used and use that understanding afterward. Bown talked about threat modeling and about the fact that manufacturers have to think about all the situations in which devices can protect themselves. Symantec’s Cook added that the push for manufacturers to move their focus towards increased security needs to ultimately come from end users.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading