IoT Turns Cities Into Cyber Battlegrounds

Uploaded on 2015-12-06 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Internet of Things

The Internet of Things (IoT) is growing rapidly. The number of internet-connected devices is expected to hit 6.4 billion in 2016, and to surpass 38 billion by 2020. The emergent field is racing ahead of current practices, utilising cutting-edge technology to provide us with ever-newer capabilities. 

The problem is that IoT is also racing ahead of the current state of the art in cyber security, making the devices vulnerable to attack. As they come to occupy an ever more prominent role in our lives, they could put those same lives in serious danger.

The Stuxnet worm wreaked havoc on Iranian nuclear centrifuges, but this was only the most well known example. A German steel mill was extensively damaged through a cyber attack earlier this year, while over the past three years Iranian hackers destroyed 75% of computers belonging to Saudi Arabia’s national oil company. With more and more devices coming online these attacks are a sign of things to come.

As security was not rigidly implemented in many of today’s infrastructures at the design stage, adding protection now is becoming increasingly harder. The avenues of attack for potential cyber-terrorists or rogue-states are numerous. Many of the industrial systems in use have hardcoded backdoors – implemented for ease of maintenance – that could prove their downfall. 

The same applies to many of the systems behind electric grids, train networks, and traffic control, water and sewage, and some hospital systems. Determined attackers could seriously disrupt these systems, or shut them down entirely, with devastating effects.

More than 25,000 internet-connected deployments of an automation system “used widely by the military, hospitals and others to control electronic door locks, lighting systems, elevators, electricity and boiler systems, video surveillance cameras, alarms and other critical building facilities” are vulnerable to attack, researchers found in 2013. Most drone control systems are insufficiently secured, if at all.

Attackers could even target us in our homes. Home automation systems are particularly vulnerable to attack, allowing hackers to control everything from the temperature in the house, to alarm systems, and even unlock doors. Smart TVs, mobile phones and baby monitoring cameras are at risk of becoming eavesdropping and tracking devices.

So far, attacks of this sort have been isolated, but a determined group of attackers could employ these weaknesses to affect catastrophic results. These could range from disrupting traffic, affecting the entire economy, to even attempts at disrupting the governance of a state.

To thwart this threat manufacturers must take security more seriously. When the risk of attack is entirely unpredictable, and when such an attack could be orchestrated by a small group of people, tech firms must integrate secure design concepts at the earliest stages. Cybersecurity, in both the government and the private sectors, must be integrated into the entire homeland security paradigm. Only a concerted effort by the public and private sector working together can prevent the risks we face.


I-HLS

« OPM Hack Was Criminal - Not China Government Sponsored
Cyber Warfare Is Integral To Modern International Politics »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

AdNovum Informatik

AdNovum Informatik

AdNovum Informatik provides a full set of IT services, ranging from consulting, the conception and implementation of customized business and security solutions to maintenance and support.

Industrial Cyber Security

Industrial Cyber Security

Industrial Cyber Security provides specialist consulting services in enterprise and SCADA system security.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

ICT Reverse

ICT Reverse

ICT Reverse is one of the UK’s leading, fully accredited providers of ICT asset disposal and secure data erasure.

Proton Data Security

Proton Data Security

Proton Data Security is a certified small business specializing in the design, manufacturing and sales of data security products for permanent erasure of hard drives, tapes and optical media.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

3Lines Venture Capital

3Lines Venture Capital

3Lines Venture Capital invests in exceptional founders and startups working on broad disruptive themes of Future of Work, AI enabled enterprises, and Industry 4.0.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

PT Sydeco

PT Sydeco

At PT SYDECO we create a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

ASRC Federal

ASRC Federal

ASRC Federal’s mission is to help federal civilian, intelligence and defense agencies achieve successful outcomes and elevate their mission performance.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.