Category Archives: Smart Cities

Cybersecurity trends for 2019 in the Latin America region

From Buenos Aires to Rio de Janeiro, cities all over South America are today using Internet of Things(IoT) to improve the lives of its citizens. Sensors in Brazil now warn of gas leaks before they become dangerous. Smart technology is everywhere, enabling city organizations to proactively alert people about traffic conditions, inclement weather, and other hazards.

It wont be an exaggeration to say that the region is getting ready for an IoT boom. According to a report by the Evans Corporation this year, South American developers are particularly keen on developing IoT technology; 60 percent of developers are planning IoT projects and 22 percent are already executing on them. But as more and more sensors and devices are connected to the internet, cyber criminals gain more opportunities to leverage unattended vulnerabilities. IoT botnets have the ability to compromise and leverage thousands of these devices to wreak havoc.

2018 saw a range of attacks on IoT infrastructure. Wicked, OMG Mirai, ADB.Miner, DoubleDoor, Hide ‘N Seek and Mirai-Variant IoT Botnets were widely seen in cyberattacks around the world. VPNFilter malware was behind the largest attack of the year with over half a million devices infected across over 50 countries in a single episode.

2019 will see hackers go after data with increased zeal. This include highjacking devices as part of Advanced Persistant Threat attacks and using them to gain access to sensitive data and IP which could be held for ransom. The sectors that will attract maximum attacks in South America include oil and gas, infrastructure, utilities, defense and retail. Attacks bearing a geo-political motive are also expected to increase this year.

Regional hackers have figured out that businesses are more willing to pay ransoms to prevent such data from being published online or on the dark web. This they are working to target devices and networks to pilfer data and record conversations of value.  Another tactic gaining currency is data poisoning wherein inaccurate information is fed into decision making systems to disrupt large systems.

Publishing zero-day vulnerabilities without taking the vendor into confidence or giving them reaction time to patch devices creates a unique advantage for hackers as they can take advantage of such vulnerabilities to create widespread damage.  This trend will persist in 2019 albeit with vendors turning more cooperative, lesser instances will come to the fore.

With more businesses using bots to log data in CRM\ERP or other business management software, the data accessed by such bots is becoming more critical with each passing year. By spoofing identity, hackers can gain access to critical systems and then use such bots to exfiltrate data and since most of these bots are today working with very less monitoring, an attack could theoretically last months or even years, if they go undetected.

As geo-political faults expand, cyberwarfare has turned deadlier. Today actors sponsored by nation states are investing in AI-based offenses to harass their adversaries. Geo-political attacks are now targeting critical industrial systems, utilities, smart devices, renewable energy farms, offshore oil rigs and more. With agencies finding it difficult to suppress information on such attacks from leaking out into the mass media, hackers are getting more aggressive as the impact of their work becomes more visible, monetarily rewarding and discussed.

Sectors such as banking and financial services, healthcare, oil and gas and retail will continue to attract attention from hackers in 2019. The attacks will get more sophisticated and the attack signature will turn even paler as hackers use newer tactics and strategies to breach networks.

On the response front, as this article is being written, we are clearly seeing cybersecurity being addressed through “codes of practice” and “guidelines”. The government of California has openly come out with its resolve to make businesses do more towards securing their infrastructure and others will follow in 2019. What is still missing is a coordinated effort to address the problem at hand. Cybersecurity will remain a half-hearted battle till all stakeholders join hands and launch a coordinated effort to curb the menace.

Globally, cybercrimes cost $600 in damages in 2017. No nation is rich enough to afford such a huge loss individually or collectively. Instead if this money were to be deployed for improving healthcare, generating employment and in improving civic infrastructure, the magnitude of the loss becomes more apparent.  Hopefully 2019 will be the year where we see more coordination between stakeholders. Such a collaboration is inevitable if we are to see lasting progress in the war on cybercrimes.

Securing smart cities

As the smart cities mission gathers momentum in India, one cannot but help imagine that these cities will turn into growth engines for the Indian economy in the near future. A whole new eco-system is coming together to facilitate the evolution of these projects and the country’s technology prowess is also getting a boost thanks to the unique needs that these projects are placing in terms of hardware, software and technology strategies.

One area where we have more work to do is the domain of smart city cyber security. As smart city projects take off and grow in scale, the security challenges will also rise proportionately and so should the strategies and tactics deployed to deal with them.

When one looks at the entities connected with a smart city, the challenge becomes clear. From smart energy to smart infrastructure, the network of people, devices, access points and interfaces creates vulnerabilities that criminals or actors will mal intend can exploit. The web of information flow created by each of these creates complexities that

Any chink in the armor which could be something as downstream as smart street light in a manner of speaking can lead to the whole chain of data getting infected.  The infection could spread upstream going back into the command and control facility and spread to other smart city aspects and threaten the viability of an entire city.

When it comes to cyberattacks on smart cities, the attacks can be subdivided into man-in-the-middle, data and identity theft, device high jacking, Denial of Service and Distributed Denial of Service (DDoS). In all these cases, the hacker or hacker groups might target data, disruption or attacks on third-parties. During a Denial-of- Service attack (DoS attack), a machine or a network resource may be rendered unavailable by flooding it with fake requests that prevent legitimate requests from being attended to. In case of a DDoS, multiple smart city entities may be used to attack a single or multiple sources outside the network to overwhelm the system. Smart cities could either be the targets of such activity or their infrastructure could be used to launch these attacks on other entities.

Smart parking meters, lighting, traffic signals and other connected end points could also fall prey to  Permanent denial- of-service attacks (PDoS), an attack that damages the device so badly that it requires replacement or reinstallation of hardware.

Connected vehicles that interface and engage various aspects of the smart city eco-system could also serve as an entry point for vectors. A connected vehicle that got infected with a vector that came onboard through another city or network could carry that vector and infect another city or network it comes in contact with. A single connected vehicle or a set of vehicles could be virtually highjacked to cause chaos on the roads. In instances where such vehicles interact with intelligent traffic systems, they could be used to mount a DDoS attack on the city or such systems.

During a natural disaster or any other emergency, such vehicles could be turned unusable by hackers thereby increasing the response time.  The easiest way to control mass behavior is by controlling mass or individual transport systems which is why connected vehicles are always on the radar of hackers and other groups.

Malicious actors could work to cause large scale disruption including power outage, grid shutdown, even disrupt emergency services or law enforcement communications.

Every attack on a smart city could lead to loss of capital, revenue potential, legal liabilities or even deaths. If the hacker takes down a traffic management system during peak hour, the disruption could result in loss of manhours and unnecessary fuel consumption both of which have an implication for the economy of the city and the country. A medium sized breach affecting nearly 100000 devices could cost upwards of USD 1 million to fix and this is just a conservative estimate.

While loss of revenue and investment opportunities may be compensated, in the short term through capital infusion, the loss of credibility cannot be fixed that easily.

Protecting smart cities
A multi-pronged approach is needed to secure endpoints, the underlying network infrastructure and the cloud architecture safe. By deploying multiple layers of security through multiple detection and remedial methods, threats from every endpoint could be contained before the network is harmed. Cities can also boost their threat intelligence by installing sensors that constantly monitor the threat environment and automatically respond to those threats across the whole network.

The command and control facility needs to be secured by deploying systems that can monitoring inbound and outbound data traffic and flag any anomaly. A security operations center should also be deployed to constantly monitor the functioning of the smart city at all levels of data flow.  Small but essential steps such as firmware updates need to be done on a regular basis. And finally, through secure decommissioning of devices, smart city security professionals should prevent the repurposing of devices to launch in-bound or outbound attack by logging on to the network.

When it comes to protecting a smart city, a series of small steps done in a coordinated manner with complete attention and involvement of stakeholders at all levels can go a long way in preventing attacks and disruption. Smart cities are undoubtedly the growth engines of the future and deserve security attention and planning of the highest order.

Get Started with Subex

Schedule a Demo
close slider

    I consent to receive communications from Subex Limited. Confirm Opt-In