66 percent of British consumers are worried about hacks and breaches against their connected devices, mobile security specialist Bullguard has found.
The firm undertook a survey of over 6,000 residents in the UK and discovered a number of concerns faced by consumers as IoT continues to grow in dominance.
It found that over a quarter of consumers plan on purchasing IoT devices over the next 12 months, so clearly this is an area in demand. By 2020, there’ll be 34 billion devices connected to the web, according to BI Intelligence.
78 percent of consumers are concerned about IoT security risks such as viruses, malware and hackers, and 34 percent have already experienced some form of security incident. 57 per cent also worry about privacy breaches.
What’s worrying is the fact that despite having worries, 22 percent of consumers with advanced IT skills aren’t confident in their approaches to securing their devices.
When the respondents were asked to rate their computing skills, 63 percent described themselves as intermediate or advanced. As well as this, while 86 percent can set up their own router, 72 percent don’t know how to configure it to keep their home network secure.
Internet of Business recently reported that more than half of British and German drivers have fears relating to the security of their connected cars, with the majority agreeing that responsibility of security breaches should rest with manufacturers.
Also read: How secure is the Internet of Things?
IoT security is imperative
Paul Lipman, CEO of BullGuard, said: “Most of us have been working with internet connected devices such as computers, smartphones and tablets for some time.
“But the Internet of Things is changing our perception of personal security, for both ourselves and our data. It’s not just those who consider themselves ‘technophobes’ that have these concerns – tech savvy users are saying the same.”
“With devices such as security cameras, alarm systems and door locks now being connected to the internet, physical security is becoming as much of a consideration for consumers as data security. Keeping these devices secure is absolutely imperative.”
IoT security is “fundamentally broken”
Cesare Garlati, chief security strategist at the Prpl Foundation, believes that the security of IoT is broken and that firmware can be modified too easily.
He told Internet of Business: “The security of the Internet of Things is fundamentally broken. Developers and manufacturers understandably are eager to get their new hi-tech devices to market and unfortunately often overlook security, instead operating under the misapprehension that security-by-obscurity in their proprietary systems will do.
“The problem is that security researchers and those with more malicious intent can quite easily extract binary code from devices via JTAG, or find it online in the form of updates, and reverse engineer via one of the many tools readily available.
“Furthermore, a lack of security subject matter expertise amongst engineers creates major vulnerabilities, compounded by the fact that firmware can too easily be modified; and a lack of separation on the device opens up further avenues for attackers.
Garlati says the focus for most tech companies is on user experience and says regulators need to ensure manufacturers update devices regularly.
“As it stands today, the consumer technology industry prioritises the user experience over everything else. In an ideal world, regulators would understand this and impose a bare minimum standard for security updates – forcing manufacturers to administer these, so devices are not left unpatched for too long,” he said.
Also read: Privacy and security could hold back IoT adoption
Devices a point of entry for attacks
Carl Leonard, principal security analyst at tech security firm Forcepoint, added in an interview with IoB: “Many IoT devices provide a potential point of entry for attack, presenting a risk far beyond the obvious impact of compromising the device itself, which may require network infrastructures to be adapted to securely integrate these devices.
“Sensitive information may also leave organisations through cameras and microphones, particularly those equipped with “voice activation” featured in many appliances. Or, threat actors may obtain useful information through GPS and other auto-reporting devices.
“Of course, any potential breach or interruption can be significant, but the IoT vastly increases that likelihood. This new reality requires IT teams to monitor yet another area of vast security risks, further stretching their already limited resources.”