IOActive: "Real-world" hacker Cesar Cerrudo has bad news for security researchers developing smart systems in the city, as he reports that he has discovered dangerous vulnerabilities.
Η warning will be announced in detail at the RSA security conference in San Francisco this week. The supervisor will present it technology of IOActive which discovered about 200.000 vulnerable traffic control sensors in cities such as Washington, London and Melbourne.
Sellers of this technology do not want penetration testing in their systems, said Cerrudo, although there are 25 major cities around the world, such as New York, Berlin, and Sydney.
Cities seem to be openly open to cyber attacks and the hacker warns (An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks PDF) that the attacks on the smart technology of the city are abundant due to the complexity of the systems, and states that sad safety deficiencies should not exist in technology cities,
"In our research at IOActive Labs, we are constantly finding vulnerable technology used… in critical infrastructure, without security controls," says Cerrudo.
"Technology vendors hinder security research: New systems and devices used by smart cities are difficult to obtain from the security research community - most are expensive and usually only sold to governments or certain companies, which makes it difficult to control systems that should normally be strictly controlled. "
He added that "a simple problem can have a large impact, due to the interdependencies and associated chain reactions [that] emphasize the need for threat modeling.”
Cerrudo says intelligent city systems markets are worth hundreds of billions of dollars and will catch 1 trillions of dollars up to 2020.