Smart home devices dumb on security

News by SC Staff

Of 50 smart home connected devices analalysed by Symantec, few had any basic cyber-security protection in place. Notably:

  • None of the devices use mutual authentication, enforced strong passwords or protected against brute-force attacks
  • 20 percent of the mobile apps used to control these devices do not encrypt data sent to the cloud
  • A test of 15 smart home cloud interfaces showed 10 web vulnerabilities—many of them critical—one of which could allow an attacker to remotely unlock someone's house
  • Unsigned firmware updates for these devices could also allow attackers to take over devices completely.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews