News IoT Hackers Could Hit a New Low By Targeting...

IoT Hackers Could Hit a New Low By Targeting Water Supplies


- Advertisment -

By hacking into fleets of vehicles, cardiac devices, and baby heartbeat monitors, we thought IoT hackers had already hit a new low. Beyond manipulating our data or draining our bank accounts, hackers can cause irreversible damage to our health. So, perhaps it shouldn’t come as a surprise that the next IoT hack on the horizon could be something even more serious.

By 2025, approximately 8 billion devices will be connected to the internet. That’s 8 billion possibilities for cybercriminals that, so far, have proven IoT breaches akin to stealing candy from a baby. When you also consider that by that same year, two-thirds of the world will have limited or scarce access to water, it becomes a powerful resource to control.

Research by scientists at the Ben-Gurion University of the Negev found that numerous vulnerabilities in smart irrigation systems could be an easy target for hackers. Criminals could take over the systems and cause water consumption to skyrocket by ramping up output, leading to water shortages.

The study assessed several smart IoT irrigation systems from manufacturers including RainMachine, GreenIQ, and BlueSpray. And the results were conclusive: the systems were insecure and each had significant vulnerabilities which, in the worst-case scenario, could allow hackers to drain public water supplies using a bot.

Many cybercrooks are only in it for the money. For others, human misery is pretty high up there on their list of guilty pleasures. And actually, seizing control over a resource as precious as water could wind up bringing in millions or even billions of dollars in payouts to regain control.

An IoT Breach Waiting to Happen

With developing technologies including blockchain and AI, many are hopeful that cybersecurity will become more robust. Others, though, believe that cybercriminals will only become more inventive and that threats will emerge at the same pace as new technologies.

Disrupting a city’s water supply is much easier to do remotely from a computer with no need to physically visit the critical infrastructure to cause damage. It’s also a lot harder to trace.

The hacker simply attacks the IoT devices connected to the water supply by taking control of a botnet and scanning for all smart irrigation systems connected. They could switch on the watering, using session hijacking and replay attacks as they please.

According to the research, a standard water tower could be emptied in as little as one hour by using a botnet of 1,355 sprinklers. It gets worse. A floodwater reservoir could be drained dry overnight using around 23,866 sprinklers.

It’s a pretty sobering thought, especially considering that, even if the attack were detected, the only possible reaction would be to shut down the water supply and cause temporary havoc.

While that would prevent a hacker from wasting more water, it would also deny people access to water, meaning the attacker’s goal was fulfilled either way. Researchers said that preventing people from obtaining access to water could be considered a “national disaster.”

How to Prevent This from Happening

IoT device security remains an issue of immense concern for many cybersecurity professionals. The majority of devices simply are not secure enough and have proven to place critical infrastructure at risk time and again.

The scientists at Ben-Gurion University report that preventing an attack involving IoT irrigation systems is possible by upgrading HTTP communication to HTTPS communication. But that may not be enough.

Doing so would prevent hackers from spoofing TCP packets, but SSH communication should be disabled in these devices as well since it creates an additional vulnerability and is “not needed” to communicate with a smart irrigation system using a cloud as a mediator.

Limiting device connectivity is another way to prevent hackers from gaining access, but it’s not a lasting or failsafe solution.

Ultimately, IoT technology still throws up an ominous number of question marks. How safe do you feel knowing that your Fitbit, portable speaker, baby monitor, or irrigation system could be used to cause unthinkable harm?

And here’s another question for you: If an IoT botnet can be used to control water systems, what’s to stop them from attacking other critical infrastructure? Moving climate change, nuclear war, and a robot invasion to one side, could the fate of the world actually lie in the hands of a poorly trained developer or sloppy IoT device manufacturer unwilling to secure their products?

Source link


Please enter your comment!
Please enter your name here

Latest news

Ethereum Price Sees $500 for the First Time in Two-and-a-half Years

First launched in 2014, Ethereum or Ether is one of the oldest altcoins and probably the most...

Banking Sector is Ready for a Tech Revolution With Cryptocurrency

When our world is going through a massive change due to COVID-19blow, it is very likely that...

OpenDAO’s Bridge Opens New Possibility for Mass Adoption of DeFi

When Satoshi Nakamoto officially created Bitcoin on January 3, 2009, his vision for the digital asset was...

Crypto’s price surge was mostly due to limited information – here’s why

As the world becomes more and more digitized, the usage of one of the most popular cryptocurrencies,...
- Advertisement -

U.S. Authorities Seized Bitcoin Worth a Total of $1 billion

The cryptocurrencies were in the possession of a person who had hacked Silk road, which was detected...

Top 12 BEST Crypto Trading Bots for 2020

TL;DR: In this article, we present a list of the best Crypto Trading Bots of 2020. If...

Must read

- Advertisement -

Read Next
Recommended to you