Security systems connected to the Internet of things (IoT) could create an unexpected back door that puts owners at risk, according to a new security report from Hewlett-Packard. Specifically, brute-force attacks can be especially helpful in breaking through security, with manufacturers neglecting to use lockout procedures after failed repeated login attempts.
In addition, there were security vulnerabilities found in user interfaces on mobile, desktop and cloud platforms utilized by home owners. HP didn't disclose which vendors it used in its IoT security system study, but this appears to be a major problem that must be addressed.
"The results were pretty startling," said Daniel Miessler, practice principal at HP Fortify, in a statement to eWeek. "The big finding was that 10 out of 10 systems could be brute-forced to extract usernames and passwords via the Internet."
IoT devices are increasing at a rapid pace, whether they are secure or not, and will keep cybersecurity specialists busy. Experts recommend manufacturers and software developers include security protocols prior to product launches - and force consumers to be more proactive in ensuring devices are password-protected.