Security threats can be divided, according to their nature, into three major categories: natural factors, based on hazard; threats caused by incidents that appeared in the system (errors); threats on systems caused by human-intended action (attacks).
One of the most frequent human errors that can emerge when using IoT devices is improper configuration: the login function or other security mechanisms are never activated. Devices are not configured adequately and default factory settings are used, which is especially dangerous when passwords are involved. Proper authentication settings are not put in place, terms and conditions are not read or understood, and users do not know what data applications collect or how third parties use them. Also, people give the same treatment to all the data stored in the device, without taking into account the fact that certain data, when loaded onto IoT devices, can require extra security measures. Unaware citizens are easily fooled through social engineering, spam emails, data streaming and other malicious methods. More severe are the errors that appear in the configuration of networks. The causes of errors are the “classic” ones: insufficient qualification or thoughtlessness, people’s involvement in problems that are beyond their competence (either due to curiosity, or from an exaggerated confidence in their own ability to solve certain things), ignorance (we shouldn’t expect users to use a system correctly if they haven’t been trained to do so) and lack of interest in performing certain actions.
Software problems are much more numerous in the IoT environment than in the classical environment, as a result of the immaturity of IoT applications. Producers have difficulty developing software that functions properly on all customized models. Even more challenging is the problem of portability for those who develop software for the whole range of devices found on the market. The significant software complexity that IoT involves, the requirement that each object/device must have a unique identity and the large code base make testing and validation procedures difficult. In a more specific manner, shows that encryption is not used to fetch updates, update files are not properly encrypted, updates are not verified before upload and firmware usually contains sensitive information.
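The four update weaknesses listed above can be checked mechanically before an update is accepted. The following is an added example, not code from the original text or from the study it cites; the manifest keys, the URLs, the entropy threshold of 7.0 bits per byte and both sample images are constructed assumptions.

```python
import hashlib
import math
import re
from collections import Counter
from urllib.parse import urlparse

# Material that should never ship inside a firmware image.
SECRET_PATTERNS = {
    "private key": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "hard-coded credential": re.compile(rb"(?i)(?:password|passwd|api[_-]?key)\s*[=:]\s*\S+"),
}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte. Encrypted data is close to 8.0 (so is compressed data)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def audit_update(manifest: dict, image: bytes) -> list:
    """Findings for one update; the manifest keys are hypothetical."""
    findings = []
    if urlparse(manifest.get("url", "")).scheme != "https":
        findings.append("update fetched without transport encryption")
    if shannon_entropy(image) < 7.0:  # low entropy rules encryption out
        findings.append("update file does not look encrypted")
    if not manifest.get("signature"):
        # Presence only; verifying it needs the vendor's public key.
        findings.append("no signature to verify before installation")
    if manifest.get("sha256") != hashlib.sha256(image).hexdigest():
        findings.append("digest missing or does not match the image")
    for label, pattern in SECRET_PATTERNS.items():
        if pattern.search(image):
            findings.append(f"firmware contains {label}")
    return findings

# Constructed samples: a plaintext image with embedded secrets, and a
# high-entropy stand-in for an encrypted image.
PLAIN_IMAGE = (b"\x7fELF" + b"\x00" * 512 + b"admin_password=changeme\n"
               + b"-----BEGIN RSA PRIVATE KEY-----\n")
OPAQUE_IMAGE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))
WEAK = {"url": "http://updates.example.invalid/fw.bin"}
GOOD = {"url": "https://updates.example.invalid/fw.bin",
        "signature": "constructed-placeholder",
        "sha256": hashlib.sha256(OPAQUE_IMAGE).hexdigest()}

if __name__ == "__main__":
    print(audit_update(WEAK, PLAIN_IMAGE))
    print(audit_update(GOOD, OPAQUE_IMAGE))
```

High entropy alone does not prove encryption, since compressed images score the same; the entropy check only flags images that are certainly plaintext.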
For various reasons, the services offered by IoT providers do not function normally all the time, and communication line breakdowns, lack of signal and connection errors occur. A malfunction at the level of a network, either at a provider or within an organization, can result in the blocking of the infrastructure in a certain area of the city. Wireless networks are more vulnerable than wired ones, due to interference, frequent disconnections, broadcast transmission of data, low capacity and great mobility of devices. As a consequence, wireless channels are more susceptible to errors, and this may lead to the degradation of security services, easier data interception and difficulty in using advanced encryption schemes. The physical security of objects is not guaranteed and their identification and authentication are problematic, especially in public networks; control of the objects may be lost and cascade failures may appear, caused by the interconnectivity of a large number of devices that are difficult to protect simultaneously.
In a smart city, the attack surface is an extended one. The usual problems are deliberate damage to or theft of devices, attacks on devices/components intended for recycling, malware and phishing attacks, network spoofing attacks and social engineering (e.g. app repackaging, where a malware writer takes a legitimate application, modifies it to include malicious code, then makes it available for download; or attacks using a newer version of software, where the creator of the malicious software offers the smart device user a newer version of the app, infected with malware). But there are also numerous novel problems that make the attack scenarios inexhaustible.
First of all, we notice a large and increasing number of sensor-based attacks. To start from our pockets, we must admit that the inventory of sensors in a smartphone is intimidating: GPS chips, microphones, cameras, accelerometers, gyroscopes, proximity sensors, magnetometers, ambient light sensors, fingerprint scanners, barometers, thermometers, pedometers, heart rate monitors, sensors capable of detecting harmful radiation, back-illuminated sensors, RGB light sensors, Hall sensors. Such sensors detect the location of the mobile phone, in this way helping users to navigate in cities by maps/pictures, measure the position, tilt, shock, vibration and acceleration (the rate of change of velocity), rotations/twists, detect the presence of nearby objects without any physical contact, capture how bright the ambient light is, measure atmospheric pressure, deliver altitude data, detect the minute pulsations of the blood vessels in one’s fingers and calculate one’s pulse. They can capture location, movements, time stamps, even private conversations and background noises. As a result, a smartphone can be used to keep a targeted individual under surveillance. This, combined with the possibility of installing third-party software and the fact that a smartphone is closely associated with an individual, makes it a useful spying tool.
From a different point of view, the use of these sensors by different applications, the quantity and the purpose of collected data are not fully understood and controlled by their owners. For example, as shown in , video and pictures can reveal the social circle and behaviour of a citizen in a completely unexpected manner; smartphones are more and more targeted by malware which accesses the microphone, cameras and other sensors. The book mentions Soundcomber, a proof-of-concept Trojan horse application that records the sounds made when digits are pressed, identifies them and tries to reveal typed PINs or passwords.
When users placed their smartphone next to the keyboard, the deviations of the accelerometer were measured. In this way, entire sequences of text entered on a smartphone touch screen keyboard were intercepted. Various similar successful examples have been presented to the world: using the motion sensors (accelerometers and gyroscopes), keystrokes (four-digit PINs and swiping patterns) were inferred from the touch screens of smartphones and tablets with various operating systems. It has also been shown that the gyroscope can be used to eavesdrop on speech in the vicinity of the phone.
From another range of IoT devices, thermostats communicate their location (including the postcode), temperature data, humidity and ambient light data, the time and duration of activation—these data can be used to determine domestic habits of a citizen; medical bracelets store the heartbeat and sleeping patterns, collecting biometric and medical data that reveal individuals’ physiological state. It is obvious that if these valuable data are not well treated, significant privacy problems may occur.
Various new attacks are also made possible by short-range communication technology. ZigBee is a global standard and protocol developed as a lightweight wireless communication method that helps smart objects address one another in a common and easy way. With low costs and good efficiency, ZigBee technologies are used in many areas such as home automation, industrial control or medical data collection. ZigBee-enabled systems are vulnerable to security threats such as traffic sniffing (eavesdropping), packet decoding and data manipulation/injection. Moving on to Bluetooth, some blue-prefix attacks are bluejacking (spamming nearby object users with unsolicited messages), bluesnarfing (stealing the contact information found on vulnerable devices) and bluebugging (accessing smart objects’ commands without notifying or alerting their user). Also, anyone with a Bluetooth-enabled device and software for discovering passwords via multiple variants (brute force) could connect to a road sensor, etc. Regarding Near Field Communication, possible security attacks include eavesdropping, data corruption or modification, interception attacks and physical theft. At a 2012 BlackHat conference, a researcher presented his findings on how he hacked smart devices to take advantage of a variety of exploits.