IoT Turns Cities Into Cyber Battlegrounds

Uploaded on 2015-12-06 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Internet of Things

The Internet of Things (IoT) is growing rapidly. The number of internet-connected devices is expected to hit 6.4 billion in 2016, and to surpass 38 billion by 2020. The emergent field is racing ahead of current practices, utilising cutting-edge technology to provide us with ever-newer capabilities. 

The problem is that IoT is also racing ahead of the current state of the art in cyber security, making the devices vulnerable to attack. As they come to occupy an ever more prominent role in our lives, they could put those same lives in serious danger.

The Stuxnet worm wreaked havoc on Iranian nuclear centrifuges, but this was only the most well known example. A German steel mill was extensively damaged through a cyber attack earlier this year, while over the past three years Iranian hackers destroyed 75% of computers belonging to Saudi Arabia’s national oil company. With more and more devices coming online these attacks are a sign of things to come.

As security was not rigidly implemented in many of today’s infrastructures at the design stage, adding protection now is becoming increasingly harder. The avenues of attack for potential cyber-terrorists or rogue-states are numerous. Many of the industrial systems in use have hardcoded backdoors – implemented for ease of maintenance – that could prove their downfall. 

The same applies to many of the systems behind electric grids, train networks, and traffic control, water and sewage, and some hospital systems. Determined attackers could seriously disrupt these systems, or shut them down entirely, with devastating effects.

More than 25,000 internet-connected deployments of an automation system “used widely by the military, hospitals and others to control electronic door locks, lighting systems, elevators, electricity and boiler systems, video surveillance cameras, alarms and other critical building facilities” are vulnerable to attack, researchers found in 2013. Most drone control systems are insufficiently secured, if at all.

Attackers could even target us in our homes. Home automation systems are particularly vulnerable to attack, allowing hackers to control everything from the temperature in the house, to alarm systems, and even unlock doors. Smart TVs, mobile phones and baby monitoring cameras are at risk of becoming eavesdropping and tracking devices.

So far, attacks of this sort have been isolated, but a determined group of attackers could employ these weaknesses to affect catastrophic results. These could range from disrupting traffic, affecting the entire economy, to even attempts at disrupting the governance of a state.

To thwart this threat manufacturers must take security more seriously. When the risk of attack is entirely unpredictable, and when such an attack could be orchestrated by a small group of people, tech firms must integrate secure design concepts at the earliest stages. Cybersecurity, in both the government and the private sectors, must be integrated into the entire homeland security paradigm. Only a concerted effort by the public and private sector working together can prevent the risks we face.


I-HLS

« OPM Hack Was Criminal - Not China Government Sponsored
Cyber Warfare Is Integral To Modern International Politics »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

KPMG

KPMG

KPMG s a leading provider of professional services including information technology and cyber security consulting.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

Fluency Security

Fluency Security

Fluency is the only Security Analytics & Orchestration (SAO) solution that automates correlation, detection, validation and ongoing tracking.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

Precise Biometrics

Precise Biometrics

Precise Biometrics develop and sell fingerprint software for convenient and secure authentication of people’s identity in mobile devices, smart cards and other products with fingerprint sensors.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

Oxford Internet Institute - University of Oxford

Oxford Internet Institute - University of Oxford

The Oxford Internet Institute is a multidisciplinary research and teaching department of the University of Oxford, dedicated to the social science of the Internet.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.