IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Smart home mobile apps vulnerable to takeover

Researchers find that apps to control devices in the home could be easily hacked

Black IoT blocks on wooden desk

An examination of a number of mobile apps to control smart home devices has discovered that the security in place is not good enough to prevent hackers from taking control.

According to research carried out by IT security firm Pradeo Security Systems, 80% of tested applications carry vulnerabilities, with an average of 15 per application. Moreover, 15% of them can lead to a man-in-the-middle attack. Researchers said this was of particular concern as this can lead to an object takeover by a cybercriminal.

The researchers looked at 100 IoT mobile applications (thermostat, electrical blinds, remote control, baby phone) available on Google Play and App Store.

The researchers said that while official stores applications rarely include a malware but they are not necessarily safe. They added that apps analysed by the company are sending the data they handle to 17 servers in average, and 8% of them are transmitting the information to uncertified servers.

"Among these, some have expired and are available for sale. Anyone buying them could access all the data they receive," said Vivian Raoul, CTO of Pradeo Security Systems.

The research also found that 90% of applications leak the data they manipulate. Among these are application file content (81%), hardware information (device manufacturer, commercial name, battery status) (73%), device information (OS version number) (73%).

Raoul said that his firm has notified the IoT device manufacturers about the security problems they are exposed to.

While the number of smart home apps and devices are expanding with more developers getting in on the action, there's clearly a need for security to be seriously considered, otherwise homes and offices could end up with a deluge of potential vulnerabilities on their networks. 

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Best paying tech jobs of 2022
Careers & training

Best paying tech jobs of 2022

10 Mar 2022
The internet of beer
artificial intelligence (AI)

The internet of beer

9 Nov 2021
IAR Systems and Secure Thingz partner to streamline Azure IoT migration
Microsoft Azure

IAR Systems and Secure Thingz partner to streamline Azure IoT migration

19 Oct 2021
JFrog acquires Upswift for edge-based DevOps expansion
mergers and acquisitions

JFrog acquires Upswift for edge-based DevOps expansion

13 Sep 2021

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022