IoT Attacks Increasingly Target Smart Cities and Critical Infrastructure

We’re all familiar with the outcomes of cyberattacks – stolen personal information and identities, files and systems held hostage, and so on. But with the growth of the Internet of Things (IoT), the attack surface for potential cyberattacks is growing and the perpetrators are demonstrating increasingly hostile motives.

In the Beginning

The first proven IoT cyberattack was uncovered in 2014 and involved “smart” household appliances. The global attack, revealed by one security provider, involved more than 750,000 malicious emails originating from more than 100,000 consumer gadgets such as home routers, multimedia centers, TVs, and even a refrigerator. These gadgets had been compromised and used as platforms to launch attacks against enterprises and individuals.

Cyber criminals intend on stealing individual identities and infiltrating enterprise IT systems have found a target-rich environment in these poorly protected internet connected devices that may be more attractive and easier to infect and control than PC, laptops, or tablets,” says the report.

No more than 10 emails were initiated from a single IP address and the compromises weren’t particularly sophisticated. Instead, misconfiguration and the use of default passwords had rendered the devices exposed on public networks, and easy targets.

This is just one example of the vulnerability that IoT devices represent – but, perhaps more troubling, is the potential for physical harm as a result of an attack on a smart device. What if a hacker breaks into your smart car’s network and takes control of the steering wheel? Symantec research has pinpointed multiple vulnerabilities in 50 commercially available devices, including a “smart” door lock that could be opened remotely online without a password.

Smart Cities at Greatest Risk

Smart cities are also vulnerable. A smart city is one that deploys new technologies like connected security surveillance cameras, street lights that can adapt to weather conditions, smart traffic lights that adjust based on traffic flow, or smart parking applications that find available parking lots. Many of these technologies are implemented without first testing cybersecurity and implementing encryption mechanisms, claims The Hacker News. The top smart cities around the world are also labelled the most vulnerable:

• Santander, Spain

• New York City, USA

• Aguas De Sao Pedro, Brazil

• Songdo, South Korea

• Tokyo, Japan

• Hong Kong

• Arlington County, Virginia, USA

Critical Infrastructure and Industrial IoT

Then, there is our heavy duty infrastructure. The government recently revealed that the number of cyberattacks on industrial control systems is on the rise, as reported by Betanews earlier this year.

"We see more and more that are gaining access to that control system layer", said Marty Edwards, who runs the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT. "I am very dismayed at the accessibility of some of these networks... they are just hanging right off the tubes".

Case-in-point, in March 2016, the Department of Justice indicted state-sponsored Iranian computer hackers with penetrating the computer-guided controls of the Bowman Avenue Dam in Rye Brook, N.Y. Authorities were baffled by the choice of this modest dam, but speculate that the attack could have been a dry run for a more disruptive attack on hydroelectric systems or the power grid. Hackers were able to gain information regarding the status of the dam, including water levels, temperature, and access that would have enabled them to remotely control the dam’s sluice gate.

How to Protect Connected Devices

In its 2016 Internet Security Threat Report, Symantec suggest that “protecting the Internet of things requires the same holistic approach as other areas of IT security…Effective security requires layers of security built into devices and the infrastructure that manages them, including authentication, code signing, and on-device security (such as Embedded Critical System Protection technology). Analytics, auditing, and alerting are also key to understanding the nature of threats emerging in this area. Finally, strong SSL/TLS encryption technology plays a crucial role in authentication and data protection.”

Symantec’s IoT security solutions are a step in the right direction towards protecting agencies and consumers from this double threat.

Symantec’s Embedded Critical System Protection is a lightweight security client that includes authentication, device security, analytics and management to help prevent vehicles, medical devices, industrial control systems, and countless electronic devices from becoming hacked, tracked and electronically hijacked.

The solution protects IoT devices by locking down the software embedded in the device to protect against zero-day attacks and prevent compromise.