IoT Botnet Can Cause Massive Blackouts

IoT botnet can cause massive blackouts

As we become more and more interconnected, the very threat of attacks on IoT devices presents us with a very real threat which cannot be ignored at any costs. At this years USENIX Security Symposium, a study done by Princeton researchers demonstrate how an interconnected world can cause a major blackout, raising questions on the security of every nation's energy infrastructure.

The researchers presented a new class of bot known as the MadIoT (Manipulation of demand via the Internet of Things), which can use several botnets controlled remotely causing a local or national wide blackout.

Power grid security standards are all based on the assumption that the power demand can be predicted reliably on an hourly and daily basis,” the researchers wrote in their report. “Power grid operators typically assume that power consumers collectively behave similarly to how they did in the past and under similar conditions.”

Considering there is not much to the way these devices are secured as of now with various government and business organizations increasing their dependability on IoT powered devices, the risk is becoming very real with each day passing by.

Read more:
SophosLabs identifies Chalubo Botnet that uses servers or smart IoT devices for DDOS attacks
Even though the risk of damage done by IoT devices may seem like an anime fantasy, the threat is coming closer to reality, as learned from the Mirai botnet back in 2016. The botnet simply took advantage of various loopholes and vulnerabilities present in existing routers and webcams. Similarly, the MadIot botnet can gain access to almost every device in our home, effectively increasing the power demand and consumption.

“This work sheds light upon the interdependency between the vulnerability of the IoT and that of the other networks such as the power grid whose security requires attention from both the systems security and power engineering communities,” the researchers wrote.

Since the increase in IoT enabled devices is inevitable, it is better to ramp up the security mechanisms to ensure that no hacker can gain access to these devices. And it's not really in our hands. Graham Cluley says that only IoT device manufacturers can take the necessary steps to ensure that their devices are completely secure, actively scouring the firmware for any possible bugs or vulnerabilities.

However, the security concerns regarding connected devices are not something entirely new to the industry. The IoT Security Foundation, in the past, has issued several security guidelines to help manufacturers create a secure environment.

“[IoT device vendors] sell a product at a certain cost. But having to maintain it for the next 10 years is not something that enters their thinking,” told Paul Dorey, who is the chairman of the IoT Security Foundation, in a recent Financial Times interview.

PC: Pablo, Unsplash

Note: We at TechSutram take our ethics very seriously. More information about it can be found here.
Anurag Chawake Opinions expressed by techsutram contributors are their own. More details

I am an Engineering Student with a keen interest in Blockchain, Cloud Computing, AI, ML and related startups. I am currently working with Techsutram as a Writer/Intern.

No comments:

Post a Comment

    Your valuable comments are welcome. (Moderated)