English English

Blog

Tuesday, 13 February 2018 06:47

Smart Cities: Can My City be Hacked?

Our connected devices make life easier on us as individuals, and the conveniences afforded to us by connecting technology to the physical world around us are compounded when we expand the reach from individuals to a greater population, – entire cities.

 

While cities have been adopting new technologies that connect the physical world to the digital world for decades, the rate at which they do so is reaching new heights, and the technologies themselves are far more advanced. These technologies, and the greater amount of connectivity they allow for, are opening cities up for the greater good…as well as the greater evil.

The Promise and Potential of the Smart City

 The technological advancements posed by the Internet of Things have far-reaching benefits for the cities who adopt them. ‘Smart Cities’, or ‘Intelligent Cities’, as they’re called, integrate devices with physical infrastructure, which allow the cities to streamline communication, cut costs, provide better services to citizens through automation and more accurate data collection and analysis, and enables these cities to better plan for the future.

For example, traffic lights and parking sensor technologies improve traffic patterns and reduce both parking issues and the carbon dioxide emissions caused by them. Smart trash cans inform the city when they need to be emptied, smart water pipes can measure quality, leakage, and more, and bus and train stops let passengers know when their ride is set to be there, in real-time. Cities around the world, including Barcelona, Washington DC, Chicago, London, and Seoul, have adopted these and other technologies as they make the transformation to become Smart Cities.

Yet as governments worldwide are embracing the Internet of Things to become ‘Smart Cities,’ there’s the major issue of security in the Internet of Things that has mostly been left unaddressed until recent years.

The sheer scale of city-wide connectivity allows much more room for a single security vulnerability to wreak havoc on the residents and governments that have adopted these technologies. As security strategist Cesar Garlati told SCMagazine, “While the chips and sensors found in many of these devices are so small that security may not have felt like an ‘issue’, the proliferation of them now, especially the amount needed to create and maintain a smart city, means that it could become a real problem.” As more cities adopt more Smart City technology to replace or upgrade existing infrastructure, the risks they carry will only grow and compound.

We’ve already seen how IoT hacks on a smaller scale can cause major issues, such as the infamous Jeep hack, when security researchers remotely paralyzed the car on the highway, and when hackers were able to steal hundreds of millions of dollars worth of electricity through ‘smart meters’, and when smart refrigerators were found to be susceptible to having the owner’s Gmail accounts compromised. In 2014, security researchers at the University of Michigan were able to hack traffic lights of nearly 100 intersections they found to have no security controls at all. And just this last April, hackers attacked the official warning system in Dallas, creating city-wide panic as all 156 of the city’s emergency sirens blasted off in the middle of the night.

 Worse still, all the way back in 2006, a couple of traffic engineers working for the city of Los Angeles found themselves accused of tampering with traffic control systems of four main intersections throughout the city, which caused several days of gridlock before the system could be repaired. These attacks are nothing new – so why aren’t cities doing more to protect themselves and their citizens when implementing Smart technologies on a much grander scale? The difference between hacked refrigerators and hacked critical infrastructure has enormous implications for the cities employing these smart technologies.  It’s time for so-called ‘Smart Cities’ to wisen up to security, as well.

Tuesday, 13 February 2018 06:42

Top 4 security predictions for 2018

Ransomware has not gone away

Too much money is being made from ransomware for it to disappear – it won’t. According to Cyber Security Ventures, global ransomware damage costs for 2017 will exceed US$ 5 billion, with the average amount paid in ransom among office workers around US$ 1400. Companies can help prevent ransomware by tracking everything coming in and out of the network and running AV solutions with anti- ransomware protection. And, of course, you should do regular backups to a structured plan, based around your own business requirements – and make sure you test the plans

 

IoT – a security time-bomb

IoT is a rapidly growing phenomenon which will accelerate in the coming years as both consumers and businesses opt for the convenience and benefits that IoT brings. However, manufacturers are not yet routinely building security into IoT devices and 2018 will see further problems generated through the use of insecure IoT. IoT is a major threat and possibly the biggest threat to businesses in the coming years. Unfortunately, it is not easy, and in some cases impossible, to bolt on security as an afterthought with IoT, and many organisations will find it challenging to deal with the consequences of such breaches.   As IoT cascades through organisations’ infrastructures, it is likely to become the ultimate Trojan horse.

 

More from the Shadow Brokers

The Shadow Brokers, a hacker group which stole hacking tools from the American National Security Agency (NSA), created havoc in 2017 with the Wannacry ransomware episode. The group has already stated that it will soon release newer NSA hacking tools, with targets that might include vulnerabilities in Windows 10.

 

There will certainly be further episodes from them in 2018, so patch management, security and regular backups will be more crucial than ever. A major target of these hackers is the data that organisations hold, including PII (Personally Identifiable Information) and corporate data, so protecting the data ‘crown jewels’ inside the network will become ever more crucial.

 

Search