Will Security Flaws Stifle the Internet of Things?

HP's latest report shows how vulnerable Internet of Things devices are, but the real issue is how fast these devices are growing.

Aug 5, 2014 at 10:00AM

Internet Of Things Qualcomm
Source: Qualcomm

Home automation and Internet of Things, or IoT, devices -- which can communicate with other devices and communicate data -- have been on the market for years. Everything from TVs, light bulbs, and door locks to alarm systems and sprinklers can be controlled remotely through mobile apps.

Last week HP (NYSE:HPQ) published research highlighting huge vulnerabilities with most of the top 10 home IoT devices on the market.

The company found that 70% of the devices used unencrypted network services, the majority of them with login requirements could easily be bypassed with standard passwords like "12345", and nearly all of them collected at least one piece of personal information. This lead HP to conclude that 80% of the devices have serious privacy concerns.

But just as HP noted, this isn't the first time a laxness in security has been exposed.

Back in 2013, a Forbes staff writer, Kashmir Hill, legally tapped into eight homes of people using Insteon home-automation products. She was able to find their systems on the Web through a flaw in the company's software, then tapped into the lights in the home. In some cases, she could even find out the physical address of the homeowners, names of their kids, and other personal information. The company then issued a recall of the vulnerable devices, released a new secured-hub system, and then required passwords for controlling the devices.

So, what's the point? HP's latest data shows that companies still have yet to make security a priority. Right now, 70% of the most popular IoT devices on the market contain major vulnerabilities.

Even after the Heartbleed bug, Target's credit card debacle, and the Forbes experiment, some companies still don't take security seriously. The problem is that IoT devices are about to take off. Gartner expects about 26 billion connected things by 2020.

Security as a priority
A few months ago, Intel's (NASDAQ:INTC) worldwide chief technology officer for security, Michael Fey, said, "Security needs to be built in as the foundation of the Internet of Things. Any disruption to these IP connected devices can cause damage to the business and our daily lives. We need to have foresight into what is coming so we can prevent against threats and securely manage these devices."

Intel has a pretty big incentive to secure IoT. The company made far more revenue from it's IoT division in the most recent quarter than it did from mobile. But Intel's not alone in its ambition. Cisco, General Electric, IBM, and AT&T have joined Intel to create the Industrial Internet Consortium, or IIC, partly to determine security standards.

IIC is tackling Internet of Things security in three main ways: endpoint security, secure communications, and security management and monitoring. Those are all very vague descriptions, but basically they mean that IIC will set up standards to make IoT devices secure when used by themselves, when connected to other devices, and establish ways to monitor device security.

To do this, IIC will run tests once the standards have been set in place. The consortium says on its website that it's "systematically designing and incorporating security into the reference architecture(s) of the Industrial Internet from the start, as opposed to adding it as an afterthought."

As companies launch new ways to automate home devices, security becomes more important. In June, Apple debuted HomeKit, its home automation platform, that pairs third-party devices together to seamlessly communicate with iOS 8. Qualcomm already has its AllJoyn platform, and Google's Nest recently launched its own platform for connected home automation devices as well. Of course, IoT devices go far beyond home automation, and according to IDC, by 2020 the entire Internet of Things market is expected to grow to $8.9 trillion. 

With that kind of growth, tech companies likely won't slow their IoT innovations -- but it's still unclear whether that means security features will be able to keep the same pace.


Chris Neiger has no position in any stocks mentioned. The Motley Fool recommends Apple, Cisco Systems, Gartner, Google (A shares), Google (C shares), and Intel. The Motley Fool owns shares of Apple, General Electric Company, Google (A shares), Google (C shares), Intel, International Business Machines, and Qualcomm. Try any of our Foolish newsletter services free for 30 days. We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.

4 in 5 Americans Are Ignoring Buffett's Warning

Don't be one of them.

Jun 12, 2015 at 5:01PM

Admitting fear is difficult.

So you can imagine how shocked I was to find out Warren Buffett recently told a select number of investors about the cutting-edge technology that's keeping him awake at night.

This past May, The Motley Fool sent 8 of its best stock analysts to Omaha, Nebraska to attend the Berkshire Hathaway annual shareholder meeting. CEO Warren Buffett and Vice Chairman Charlie Munger fielded questions for nearly 6 hours.
The catch was: Attendees weren't allowed to record any of it. No audio. No video. 

Our team of analysts wrote down every single word Buffett and Munger uttered. Over 16,000 words. But only two words stood out to me as I read the detailed transcript of the event: "Real threat."

That's how Buffett responded when asked about this emerging market that is already expected to be worth more than $2 trillion in the U.S. alone. Google has already put some of its best engineers behind the technology powering this trend. 

The amazing thing is, while Buffett may be nervous, the rest of us can invest in this new industry BEFORE the old money realizes what hit them.

KPMG advises we're "on the cusp of revolutionary change" coming much "sooner than you think."

Even one legendary MIT professor had to recant his position that the technology was "beyond the capability of computer science." (He recently confessed to The Wall Street Journal that he's now a believer and amazed "how quickly this technology caught on.")

Yet according to one J.D. Power and Associates survey, only 1 in 5 Americans are even interested in this technology, much less ready to invest in it. Needless to say, you haven't missed your window of opportunity. 

Think about how many amazing technologies you've watched soar to new heights while you kick yourself thinking, "I knew about that technology before everyone was talking about it, but I just sat on my hands." 

Don't let that happen again. This time, it should be your family telling you, "I can't believe you knew about and invested in that technology so early on."

That's why I hope you take just a few minutes to access the exclusive research our team of analysts has put together on this industry and the one stock positioned to capitalize on this major shift.

Click here to learn about this incredible technology before Buffett stops being scared and starts buying!

David Hanson owns shares of Berkshire Hathaway and American Express. The Motley Fool recommends and owns shares of Berkshire Hathaway, Google, and Coca-Cola.We Fools don't all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy.

©1995-2014 The Motley Fool. All rights reserved. | Privacy/Legal Information