With security breaches in healthcare IT systems on the rise, concern has begun to surface about the security of mHealth apps that are downloaded to smartphones. With over 100,000 of these apps now on the market, their connectivity to the Internet makes them a prime target for hackers.
A recent study conducted by researchers at HP concluded that 70 percent of connected mobile devices and apps show security vulnerabilities including password security and encryption issues.
Concentrating on the most commonly used Internet of Things (IoT) devices, the team of researchers noted that consumer demand is pushing manufacturers to increase their output of connected devices, cloud access and mobile apps—opening the door even wider to attacks by hackers.
"While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface," said Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products at HP, in a press release. "With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats."
The report also concluded that of the IoT devices tested, 70 percent did not encrypt communications with the Internet and local networks. The apps didn't fare much better; half of the mobile apps had no encryption for communications to the cloud, Internet or local networks.
Also of concern: 90 percent of the tested devices collected at least one piece of personal data from the product itself, the cloud or a mobile app.