Skip to main content

Smart city and IoT security vulnerabilities

  
Smart cities and IoT is here to stay. And going forward , 5g,  Elon Musks satellites laser internet whatever system and things like nb-iot, lorawan, microwaves and more , things will only become more vulnerable. And connected.

  Hardware is hard.  Margins can also be rough.  Look at half the scams on Kickstarter and even crypto ICOs.  Sell a vision to naive folks and never deliver anything real.  Or deliver an insecure raspberry pi with no security features. The Intel's of the world have vulnerabilities much less some fly by night sell some $9.99 sensor company.

   Security is hard.  It's not sexy. Nobody cares till they have to care.  Plain text passwords, lack of security knowledge, it's all easy and faster to just pretend security isn't real.  Robinhood takes money from millennials and stores in plain text. Nice.  Not really. But even the unicorns and hot companies get caught in this release faster and who cares about software development lifecycle and security processes.   It is what it is , but real.

So what can be done about smart cities and IoT and this hatred for cryptography and encryption? The dislike of any cyber security protocols  by the politicians,  government agencies and law enforcement agencies? This is bad.  People who seem to be very uneducated when it comes to anything related to technology are passing laws and pushing their own agendas or corruptions.

Maybe it's not their fault. Maybe it is. Then again transparency and real open data  isn't a desire from any of these groups either.  Somehow not wanting  privacy and encryption , but needing it at the same time  to hide their own secrets is some massive weird unknown. It's a bit shady. And not good for anybody.  Add this hate for encryption to the Facebook's building their own private bank and bypassing encryption by just putting more controls on phones to collect and spy,  is a serious serious  issue. 

So what can we do ?

Well for IOT and smart cities , encryption is useless if the devices are vulnerable.  My company Pagarba does IoT and smart city vulnerability and pentesting.  We do blockchain. From our perspective, A good idea and best practice, whether pagarba or another firm,  is some form of IoT security audit. Perform a full end to end checks and balances assessment. Where you  assess the network,  data and device inventory, data and device classification, application and device  flow mapping,  along with a thorough risk and privacy impact assessment.  At this juncture you can even add drone mapping for physical security assessments. All this to drive appropriate protection for your IoT community, organization and smart cities. 

Comments

Popular posts from this blog

computer tech security and public policy

Digital computer security and connected IoT smart  everything have become public policy priorities in an increasingly digital and data-dependent always on and connected economy and society.

The blockchain ecosystem helps farmers receive fair prices and provides consumers with trustable and transparent data on product origins

HAITIAN FARMERS USE BLOCKCHAIN TO SECURE BETTER PRICES
UK-based startup Agriledger has created a blockchain system to help Haitian farmers sell their products at fair prices. The system fosters trust on both sides of the transaction, leading to better income for farmers and better goods for consumers.
The startup’s system offers farmers a number of services, and access to global markets and banks. Using blockchain technology, it provides registered farmers with a unique digital identification number, which makes the farmers key players in the supply chain, and gives them access to financial services, logistics, insurance and other services.  
The farmers can also tokenize their assets, making peer-to-peer trading easier and giving them further access to the commodities market. This digital system provides the farmers with several benefits; the data is inherently trustworthy, so the entire supply chain is more transparent and traceable, and it also simplifies record keeping, so it is easi…