IoT Security Threats: Survey Finds Government, Financial Sectors Vulnerable

The internet-connected devices that make up the Internet of Things (IoT) is creating more vulnerabilities for consumers and for a number of industries that count on the technology, a new survey found.

Netsparker, a web applications security company, run a poll of web developers with the help of Propeller Insights that found a majority of experts believe government agencies and financial institutions are most vulnerable to attack, and IoT devices are contributing to the problem.

Read: IoT Security: Senate Bill Proposes Safeguards For Government's Internet-Connected Devices

Nearly two-thirds of developers responding to the survey—61 percent—said they believe government organizations are the most vulnerable to hacking, likely in part due to being a high-value target and the general reliance on legacy systems.

“Because of recent election-related events, it’s not surprising that developers and IT professionals have so little confidence in the ability of governments to prevent hacking. But the reality is that all organizations and enterprises should take precautions to prevent data breaches,” Netsparker CEO Ferruh Mavituna said.

Fifty percent of people ruled the financial industry to be vulnerable to attack—a fact that has played out in recent months as banks have fallen victim to hackers, including a cast in Italy that resulted in more than 400,000 people having their bank account information compromised.

Forty-four percent of developers believe the media is vulnerable attack. About one-third believe communications and healthcare industries could be hit by hackers, while 29 percent believe the gaming industry is vulnerable. One-in-four viewed energy companies and utilities as potential targets.

Read: IoT Security: Nearly Half Of Businesses Experience Breaches Because Of Internet Of Things

Many of those developers surveyed also view internet-connected devices as a point of concern for organizations and individuals who rely on the technology. Smart home technologies including thermostats, lights and appliances, are considered the largest risk, with 52 percent of developers marking them as vulnerable.

Smart televisions, or TVs with an internet connection, were viewed as vulnerable by 42 percent of developers, while 41 percent think web applications and online services are at risk. Thirty-five percent are worried about connected cars being hacked and 34 percent believe ATMs to be vulnerable.

While there have been a number of major cybersecurity incidents in recent years that have born out some of the concerns raised by developers, many said those cases could be viewed as teachable moments that security professionals can learn from.

The hack of the Democratic National Committee that led to a number of leaked emails being published online was viewed as the most teachable moment, with 47 percent of developers highlighting that incident. Thirty-two percent saw WannaCry as an important moment, while about one-in-four saw the hacks of Chipotle and OneLogin as incidents that could be learned from.

Developers viewed the most important step organizations can take to improve their security and combat risk to be increasing background checks on volunteers and staffers, with more than half suggesting such a step. Forty-seven percent advised hiring IT specialists and another 45 percent advocated increased funding from federal governments to address issues.