Will security vulnerabilities dent smart city efforts

As the Internet of Things (IoT) drives ever more smart city initiatives, security experts fear IT departments will soon be overwhelmed by hackers attracted by huge new troves of data.

A recent article by ITWeb discussed increasing IoT and smart city security issues with Paul Williams, major account manager for network security firm Fortinet.

Williams sees a new IoT-driven era emerging where cloud services and connected workplace devices proliferate rapidly. While IoT technology growth is undeniably benefiting productivity, he warns that it is also creating chaos for Chief Information Officers (CIOs) whose tightly held control over their IT systems is being shattered.

“CIOs now have to grapple with the idea of employees using unsanctioned cloud services via unsecured phones to hook up to corporate servers and accessing sensitive business data,” said Williams. “CIOs should look at IoT devices that offer device-to-device encryption, and bolster comprehensive encryption schemes to protect data in networks, cloud services and endpoint devices.”

He sees the quickly expanding smart city services technology and services available as adding to this chaos with new targeted security vulnerabilities.

“Connected devices will generate huge data repositories and businesses that adopt big data systems will see an even larger data deluge,” he said.

“To protect huge amounts of data with large inflows and outflows, the bandwidth capabilities of security appliances will come to the fore.

Smart cities weakened by devices’ authentication issues

He says smart cities bristling with connected devices face a major vulnerability in that most of IoT technology only requires a one-time authentication process across multiple sessions. This differs from laptops and cell phones which usually require authentication every time.

“This will make them attractive to hackers looking to infiltrate into company networks, as it allows easy control and sniffing of traffic,” said Williams.

“CIOs should map out where these gateways are and where they are linked to − they can reside internally or externally and even be connected to IoT device manufacturers.”

The dangers posed by the growing global footprint of smart cities are very real, and he says new viruses are emerging to specifically target IoT technology. Williams gives the example of the new Conficker worm which was designed to attach itself to IoT devices and spread via PCs.

“Such worms and viruses are persistent and can propagate from device to device particularly with mobile and the Android operating system,” he warns. “They can easily infect up to 50 million PCs if the spread of IoT worms is not properly mitigated.