IoT Turns Cities Into Cyber Battlegrounds

Uploaded on 2015-12-06 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Internet of Things

The Internet of Things (IoT) is growing rapidly. The number of internet-connected devices is expected to hit 6.4 billion in 2016, and to surpass 38 billion by 2020. The emergent field is racing ahead of current practices, utilising cutting-edge technology to provide us with ever-newer capabilities. 

The problem is that IoT is also racing ahead of the current state of the art in cyber security, making the devices vulnerable to attack. As they come to occupy an ever more prominent role in our lives, they could put those same lives in serious danger.

The Stuxnet worm wreaked havoc on Iranian nuclear centrifuges, but this was only the most well known example. A German steel mill was extensively damaged through a cyber attack earlier this year, while over the past three years Iranian hackers destroyed 75% of computers belonging to Saudi Arabia’s national oil company. With more and more devices coming online these attacks are a sign of things to come.

As security was not rigidly implemented in many of today’s infrastructures at the design stage, adding protection now is becoming increasingly harder. The avenues of attack for potential cyber-terrorists or rogue-states are numerous. Many of the industrial systems in use have hardcoded backdoors – implemented for ease of maintenance – that could prove their downfall. 

The same applies to many of the systems behind electric grids, train networks, and traffic control, water and sewage, and some hospital systems. Determined attackers could seriously disrupt these systems, or shut them down entirely, with devastating effects.

More than 25,000 internet-connected deployments of an automation system “used widely by the military, hospitals and others to control electronic door locks, lighting systems, elevators, electricity and boiler systems, video surveillance cameras, alarms and other critical building facilities” are vulnerable to attack, researchers found in 2013. Most drone control systems are insufficiently secured, if at all.

Attackers could even target us in our homes. Home automation systems are particularly vulnerable to attack, allowing hackers to control everything from the temperature in the house, to alarm systems, and even unlock doors. Smart TVs, mobile phones and baby monitoring cameras are at risk of becoming eavesdropping and tracking devices.

So far, attacks of this sort have been isolated, but a determined group of attackers could employ these weaknesses to affect catastrophic results. These could range from disrupting traffic, affecting the entire economy, to even attempts at disrupting the governance of a state.

To thwart this threat manufacturers must take security more seriously. When the risk of attack is entirely unpredictable, and when such an attack could be orchestrated by a small group of people, tech firms must integrate secure design concepts at the earliest stages. Cybersecurity, in both the government and the private sectors, must be integrated into the entire homeland security paradigm. Only a concerted effort by the public and private sector working together can prevent the risks we face.


I-HLS

« OPM Hack Was Criminal - Not China Government Sponsored
Cyber Warfare Is Integral To Modern International Politics »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

IGEL Technology

IGEL Technology

IGEL Technology is one of the world's leading thin client vendors. Thin clients increase data security and compliance.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

Cyber Range Solutions (CRS)

Cyber Range Solutions (CRS)

CRS provides cyber security training and improve security team performance by providing a hyper realistic, virtual training environment.

Bedrock Systems

Bedrock Systems

BedRock Systems is on a mission to deliver a trusted computing base from edge to cloud, where safety and security isn’t just a perception, it’s a formally proven reality.

Redsquid

Redsquid

At Redsquid we are all about making a difference to our customers with the use of technology, as an innovative provider of solutions within IoT, Cyber security, ICT, Data Connectivity & Voice.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Performance Technologies

Performance Technologies

As a leading IT Solutions Provider in Greece, Performance Technologies delivers reliable, long life solutions, ensuring continuous availability of business-critical services and information.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.