Smart cities are not quite as bright as their administrators might think, as a just-released study has found many critical flaws in a variety of devices commonly used by municipalities. The main takeaway: vendors did not take even basic security steps to protect these critical products.
The study, released by IBM’s X-Force Red Team today at Black Hat 2018, looked at four common devices and found 17 vulnerabilities, nine of which were considered critical in nature, said Daniel Crowley, research baron at IBM X-Force Red. These included ICS components, devices used in conjunction with connected cars, and other products that control various types of sensors.
The genesis of the project was the human error that caused Hawaiian residents to believe their islands were under missile attack in January 2018. With that in mind, IBM decided to look at systems to see if its researchers could find flaws that would allow them to launch “super villain” level attacks.