The concept of a smart city has become very popular in the entire world. The primary idea of a lively city is to make human life more convenience. However, some of the researchers claim that the concept of smart city system can be monstrous; sounds strange, let’s know how it is possible? Researchers from IBM X- Force and Throat care have exposed various critical vulnerabilities in the product of a smart city. They presented their discoveries at the BlackHat USA 2018.
Researchers from Threatcare and IBM X- Force demonstrated their discoveries on how the idea of a smart city can be vulnerable. Both of the firms examined various smart city products and found 17 zero-day vulnerabilities in four different smart city system. Out of these 17 errors, 8 gained critical severity labels, while remaining others attained high severity levels.
The researchers explained that most vulnerability they found were common. And, that they should ideally not exist in such a futuristic concept. They described it briefly in their blog that reads,
“While we were prepared to dig deep to find vulnerabilities, our initial testing yielded some of the most common security issues, such as default passwords, authentication bypass, and SQL injections, making us realize that smart cities are already exposed to old-school threats that should not be part of any smart environment.”
According to the researchers, most of the vulnerabilities they found were common that should not ideally exist in a futuristic concept. They elaborated it briefly in their blog that reads
In early 2018, researchers checked four smart city systems from three vendors that include Libelium, Battelle, and Echelon. This system consists of Meshlium- wireless sensor networks by Libellium, Echelon’s i.LON 100/I.LON smart server and i.LON 600, and two vehicles to infrastructure hubs from Batelle – V21 Hub v 2.5.1 and V21 hub v3.0.
Researcher tested on devices from three categories, intelligent transportation systems, industrial Internet of Things (IoT), and disaster management. These devices can be practiced on various communication protocols, including Wifi, 4G, and ZigBee.
As per researchers, the practices of these vulnerable systems can result in anything between “inconvenient and catastrophic.” For instance, fake flood warnings, radiation alarms, and panic through false emergency alarms, gunshot reports, and traffic reports are some of the possible impacts from these errors. If the vulnerabilities are not addressed, it can lead the world towards massive disruption.
After discovering all these flaws and vulnerabilities, researchers are now willing to continue their research and awareness program in this regard.