Using Hacked IoT Devices to Disrupt the Power Grid
This is really interesting research: “BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid“:
Abstract: We demonstrate that an Internet of Things (IoT) botnet of high wattage devices—such as air conditioners and heaters—gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid. In particular, we reveal a new class of potential attacks on power grids called the Manipulation of demand via IoT (MadIoT) attacks that can leverage such a botnet in order to manipulate the power demand in the grid. We study five variations of the MadIoT attacks and evaluate their effectiveness via state-of-the-art simulators on real-world power grid models. These simulation results demonstrate that the MadIoT attacks can result in local power outages and in the worst cases, large-scale blackouts. Moreover, we show that these attacks can rather be used to increase the operating cost of the grid to benefit a few utilities in the electricity market. This work sheds light upon the interdependency between the vulnerability of the IoT and that of the other networks such as the power grid whose security requires attention from both the systems security and power engineering communities.
I have been collecting examples of surprising vulnerabilities that result when we connect things to each other. This is a good example of that.
Wired article.
me • September 11, 2018 6:48 AM
reason number 29834792837 not to buy an iot thing.
I like the idea of connecting things to the internet, but i really don’t get why people does it with the current model.
for example:
take a thermostat, there is the old bimetallic that doesn’t even need power to work, there is the electric one that can be weekly programmed.
and there is the iot one that cost much more.
other problem is that company can brick your device from remote at their will.
and other again is that for reason above they doesn’t work if servers/internet doesn’t work in that moment.
so given all this negative points and the only positive is “you can control thermostat from remote”
why would someone buy it?
this is what i really don’t get, it’s not only about security it’s also about usability the “smart” thermostat to me seems an useless complication.
same goes for lights, i find much easier and faster to use classic switches than a mobile phone or any other thing.
i would never buy them, even if we ignore security problems.