Skip to content

TechRepublic

  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • TechRepublic Premium
  • Top Products Lists
  • Developer
  • 5G
  • Security
  • Cloud
  • Artificial Intelligence
  • Tech & Work
  • Mobility
  • Big Data
  • Innovation
  • Cheat Sheets
  • TechRepublic Academy
  • CES
  • See All Topics
  • Sponsored
  • Newsletters
  • Forums
  • Resource Library
TechRepublic Premium
Join / Sign In
Internet of Things

Photos: The 11 least secure connected devices

By Olivia Krauth January 31, 2018, 12:00 PM PST

Image
1
of 11

leastsecure1.jpg
leastsecure1.jpg
Photos: The 11 least secure connected devices

1. Video cameras

Image: iStockphoto/jakkritpimpru

1. Video cameras

It’s no secret Internet of Things (IoT) devices aren’t the most secure–but what devices are the worst offenders? Tech and security experts told TechRepublic which connected devices had their vote for least secure.

For several experts, various forms of video cameras won out, especially those meant to be low cost, consumer options.

“Based on data available, it’s apparent that connected video cameras are currently the least secure connected devices,” Lancen LaChance, vice president of product management, IoT Solutions for GlobalSign, said. “The issues in these devices can be attributed to weak supply chain controls, which has resulted in the insecure and lack of vetted software being incorporated in a range of devices. By incorporating shared access credentials in the designs, a compromise of one camera has exposed entire product lines.”

Image: iStockphoto/jakkritpimpru
leastsecure2.jpg
leastsecure2.jpg
Photos: The 11 least secure connected devices

2. Baby monitors

Image: iStockphoto/AndreyPopov

2. Baby monitors

While new parents may find it convenient to connect smart baby cameras to their smartphone, ASecureLife.com security expert Emily Patterson said most monitors aren’t designed to be secure.

“Some parents may not think to change the default password, which leaves the device open to anyone who knows or finds the simple password to that batch,” Patterson said. “The firmware on these monitors doesn’t necessarily update automatically which, again, leaves them open to hacks.”

Image: iStockphoto/AndreyPopov
leastsecure3.jpg
leastsecure3.jpg
Photos: The 11 least secure connected devices

3. Environment monitoring sensors

Image: iStockphoto/chombosan

3. Environment monitoring sensors

Sensors are necessary for many connected devices, especially things that adjust based on the environment or how many people they sense. While small, they’re not necessarily secure.

“Sensors for environment monitoring and RFID tags for supply chain are typical devices that are connected but have no built-in security in order to keep the cost of devices low enough that it can be widely deployed/adopted,” Raullen Chai, co-founder of blockchain company IoTeX, said. “Security doesn’t come for free; it requires a certain amount of computation, storage, and power. For IoT, there is a natural tradeoff among usability, security, privacy and cost.”

Image: iStockphoto/chombosan
leastsecure4.jpg
leastsecure4.jpg
Photos: The 11 least secure connected devices

4. Medical devices

Image: iStockphoto/Wavebreakmedia

4. Medical devices

Medical devices and monitors can be crucial to keeping patients alive, but some of them may not be the safest.

“Many run on legacy operating systems and are designed to operate for many years on its original design,” Xu Zou, CEO of ZingBox, said. “Imaging devices, patient monitors and infusion pumps, if compromised, can reveal sensitive patient data, and even disrupt critical patient care.”

Image: iStockphoto/Wavebreakmedia
leastsecure5.jpg
leastsecure5.jpg
Photos: The 11 least secure connected devices

5. Overlooked office devices

Image: iStockphoto/Sasha_Suzi

5. Overlooked office devices

Some of the least secure devices are the ones that don’t really belong to anyone person and are typically unnoticed: Office devices. This can include conference room TVs or connected coffee pots in the break room, Portnox CEO Ofer Amitai said. They are naturally less secure as they’re typically meant for consumers, but bring more risks because they’re in a corporate environment, Amitai said.

Image: iStockphoto/Sasha_Suzi
leastsecure6.jpg
leastsecure6.jpg
Photos: The 11 least secure connected devices

6. Children’s toys

Image: iStockphoto/kiankhoon

6. Children’s toys

While much of the consumer IoT space has lower security levels, connected children’s toys may be especially vulnerable.

“IoT toy manufacturers continue to prioritize time-to-market and low cost over more thorough testing and security in an effort to penetrate the fast-moving market,” Zvelo IoT security analyst Louis Creager said. “Devices will need to get significantly more secure–the question is whether that change will be brought about by the device manufacturers, consumers, government regulators, or the network providers.”

Image: iStockphoto/kiankhoon
leastsecure7.jpg
leastsecure7.jpg
Photos: The 11 least secure connected devices

7. Cell phones

Image: iStockphoto/Rostislav_Sedlacek

7. Cell phones

Not all smartphones are unsecure. But those hosting third-party apps not downloaded from official app stores could run a much higher risk of a security attack.

“On Android and iOS, the AppStore and the Google Play Store provide a level of security,” Julian Weinberger, director of systems engineering at NCP Engineering, said. “Devices which avoid these stores are usually less secure and more likely to be compromised.”

Image: iStockphoto/Rostislav_Sedlacek
leastsecure8.jpg
leastsecure8.jpg
Photos: The 11 least secure connected devices

8. Smart door locks

Image: iStockphoto/cgj0212

8. Smart door locks

“There has been a lot of discussion around the hacking of connected devices to obtain sensitive information and data, and it seems that smart door locks have been at the center of this,” Randy Petersen, senior sales engineer at Utimaco, said. “These connected home security devices are vulnerable to begin with since they have a very low-end networking and or radio device handling the task of managing the lock, and controlling the access using some form of multi factor authentication.”

Like other consumer-centric items, it seems the cheaper the item is, the more vulnerable it is. Petersen recommends researching the device’s security–it may lead someone to buy a more expensive, albeit more secure, model.

Image: iStockphoto/cgj0212
leastsecure9.jpg
leastsecure9.jpg
Photos: The 11 least secure connected devices

9. Wireless routers

Image: iStockphoto/CASEZY

9. Wireless routers

Consumer products can be risky because some consumers are unwilling to pay for extra security, leading to unsold products and low revenue for businesses. One of the victims of this situation are wireless routers, Kevin Hartman, vice president of strategic initiatives at SPR, said.

“The majority of so many of these devices were built years ago at moderate prices and with little regard for a tighter initial setup,” Hartman said of routers.

Image: iStockphoto/CASEZY
leastsecure10.jpg
leastsecure10.jpg
Photos: The 11 least secure connected devices

10. Printers

Image: iStockphoto/FabrikaCr

10. Printers

“Though it might seem surprising, an unconfigured printer can jeopardize the security of a corporate network by leaving it vulnerable to discovery and remote access,” Christoph Schell, Americas region president for HP, said. “This, coupled with the highly sensitive information printers regularly host, make them perfect targets for cybercriminals looking to steal company data.”

The office printer can get a security boost by changing the passwords and limiting access to authorized personnel, Schell said.

Image: iStockphoto/FabrikaCr
leastsecure11.jpg
leastsecure11.jpg
Photos: The 11 least secure connected devices

11. Connected cars

Image: iStockphoto/chombosan

11. Connected cars

With self-driving and connected cars emerging as a technology and more connected options being touted at CES 2018, cars are becoming an at-risk IoT device, Josh Jabs, the general manager of IoT solutions at Entrust Datacard, said.

“While there may be other devices, such as connected speakers or washing machines that technically have less security built into them, their privacy and safety risks are much less severe,” Jabs said. “If hacked, the car can provide hackers with access to location and destination information, as well as remote access to the car’s functions such as braking or steering.”

Also see

  • Internet of Things policy (Tech Pro Research)
  • What is the Internet of Things? Everything you need to know about the IoT right now (ZDNet)
  • Only 9% of consumers fully trust IoT devices, but many refuse to disconnect (TechRepublic)
  • Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
Image: iStockphoto/chombosan
  • Internet of Things
  • Security
  • Account Information

    Share with Your Friends

    Photos: The 11 least secure connected devices

    Your email has been sent

Share: Photos: The 11 least secure connected devices
Image of Olivia Krauth
By Olivia Krauth
Olivia Krauth is a multiplatform reporter at TechRepublic.
  • Account Information

    Contact Olivia Krauth

    Your message has been sent

  • |
  • See all of Olivia's content

TechRepublic Premium

  • TechRepublic Premium

    Employee performance review policy

    PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for employee performance reviews, which will clearly document accomplishments and areas of opportunity via an encouraging and thought-provoking analysis. This will assist in determining the next steps for employees as well as their future at the organization. This policy can be customized ...

    Published:  March 20, 2023, 12:00 PM EDT Modified:  March 21, 2023, 4:00 PM EDT Read More See more TechRepublic Premium
  • TechRepublic Premium

    Employee time off policy

    PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for requesting, filing and permitting paid/unpaid time off as well as to ensure coverage during holidays, vacation(s) and other absences where staffing levels must be consistent to meet the needs of the business. From the policy: TIME OFF GUIDELINES All time off ...

    Published:  March 20, 2023, 12:00 PM EDT Modified:  March 21, 2023, 4:00 PM EDT Read More See more TechRepublic Premium
  • TechRepublic Premium

    Employee privacy policy

    PURPOSE This policy describes the organization’s employee privacy guidelines and outlines employee privacy expectations. From the policy: POLICY DETAILS The organization’s IT equipment, services and systems are intended for business use only. However, the organization acknowledges that staff, consultants and volunteers occasionally require opportunities to make or receive personal phone calls, access personal email, utilize ...

    Published:  March 19, 2023, 12:00 PM EDT Modified:  March 20, 2023, 4:00 PM EDT Read More See more TechRepublic Premium
  • TechRepublic Premium

    Security response policy

    PURPOSE The purpose of this Security Response Policy from TechRepublic Premium is to outline the security incident response processes which must be followed. This policy will assist to identify and resolve information security incidents quickly and effectively, thus minimizing their business impact and reducing the risk of similar incidents recurring. It includes requirements for both ...

    Downloads
    Published:  March 19, 2023, 12:00 PM EDT Modified:  March 20, 2023, 4:00 PM EDT Read More See more TechRepublic Premium

Services

  • About Us
  • Newsletters
  • RSS Feeds
  • Site Map
  • Site Help & Feedback
  • FAQ
  • Advertise
  • Do Not Sell My Information

Explore

  • Downloads
  • TechRepublic Forums
  • Meet the Team
  • TechRepublic Academy
  • TechRepublic Premium
  • Resource Library
  • Photos
  • Videos
  • TechRepublic
  • TechRepublic on Twitter
  • TechRepublic on Facebook
  • TechRepublic on LinkedIn
  • TechRepublic on Flipboard
© 2023 TechnologyAdvice. All rights reserved.
  • Privacy Policy
  • Terms of Use
  • Property of TechnologyAdvice