By B.N. Frank
The technology is still optional for personal use like when consumers want to install it in their homes. Unfortunately, it sounds like anyone with a car may soon be forced to use IoT-equipped gas pumps. Utility “Smart” Meters are often NOT optional and they’ve been plagued with so many problems already (see 1, 2, 3) including fires and explosions.
Here’s more bad news from ZDNet on how IoT is putting us at even greater risk for cyberattacks:
It is not possible for any machine or device with Internet connectivity to be 100 percent secure from exploit. Firmware, hardware, and connectivity protocol-based vulnerabilities which can be used to hijack devices and their functionality are discovered on a daily basis, and when it comes to Internet of Things (IoT) products, vendors are yet to fully introduce security at the heart of development.
In 2013, research firm Independent Security Evaluators (ISE) published a study, SOHOpelessly Broken 1.0, which revealed a total of 52 vulnerabilities across 13 SOHO wireless routers and NAS devices offered by vendors including Belkin, TP-Link, Asus, and Linksys.
In a follow-up study, ISE says an examination of today’s popular routers and NAS products has resulted in over double the number of security problems and vulnerabilities being discovered in 13 IoT consumer and enterprise-grade devices, resulting in the submission of 125 CVEs.
The cybersecurity researchers say in the SOHOpelessly Broken 2.0 report that it is likely “millions” of end-user devices are impacted by the findings.
According to the cybersecurity firm, each device evaluated included at least one vulnerability that could be exploited for remote shell access or to gain unauthorized access to administration panels. In total, six devices were susceptible to remote exploit without authentication.
The state of our IoT security does not seem to have improved whatsoever despite efforts to streamline vulnerability disclosure practices and the launch of bug bounty programs.
Every week, new attack vectors against our connected devices are being developed. Trend Micro researchers recently found, for example, that underground forums are facilitating the discussion of ways to attack Internet-connected gas pumps and smart meters.
Anyone who can “opt out” of utility “Smart” Meters may want to seriously consider doing so now. Of course, if your utility company doesn’t offer an opt-out, you may want to start fighting for that option ASAP.
For more information visit our archives and the following websites:
- Coalition to Stop Smart Meters
- EMF Safety Network
- Smart Grid Awareness
- Take Back Your Power
- The People’s Initiative
Image credit: Pixabay
Provide, Protect and Profit from what’s coming! Get a free issue of Counter Markets today.