SMART CITIES: THE POWER, THE RISKS, THE RESPONSE - Cyber Resilience Report - Level 15, Aldar HQ - Digital14
Cyber Resilience Report
SMART CITIES: THE POWER, THE RISKS, THE RESPONSE

Level 15, Aldar HQ
PO BOX 111787
Abu Dhabi, United Arab Emirates
www.digital14.com
TABLE OF CONTENT
01 EXECUTIVE SUMMARY
02 SECURING THE SMART CITY
03 EXPANDING RISKS
04 THREAT LANDSCAPE
05 SELECTED GLOBAL SECURITY INCIDENTS
06 CASE STUDY: EXPO 2020 DUBAI
07 CURRENT UAE ATTACK SURFACE
08 SUMMARY
09 ACTIONABLE TAKEAWAYS
01. EXECUTIVE SUMMARY

May 2020

Smart Cities are expected to unlock enormous efficiency and productivity gains for the UAE and other nations. However, the Internet of Things (IoT), the technology underpinning these complex and interconnected urban networks, offers a considerably expanded attack surface for cyber adversaries of all kinds.

Digital14’s first Cyber Resilience Report for 2020 is published as public and private sector organisations begin to focus on the multidimensional impact of the IoT. This document delineates the exponential growth of the threat landscape and outlines the technologies being targeted in the UAE as the nation implements Smart City projects in 2020 and beyond. Finally, the report also offers trustworthy, actionable recommendations for leaders and decision-makers.

The UAE ranks first in the Middle East and 23rd of 79 countries in the world in the Global Connectivity Index (GCI), which measures countries’ progress on digital transformation.[1] Accordingly, Smart City projects are underway across several emirates, encompassing a variety of sectors. The lifeblood of these developments is a common technology: the IoT. By 2022, Cisco expects 51% of all networked devices to be IoT-enabled, bridging the gap between the physical and virtual worlds in dynamic new ways.[2] For UAE residents, Smart Cities will bring an improved quality of life, more efficient and sustainable governance, and productive new business solutions.

On the other hand, the global research and advisory firm Gartner reports that 20% of organisations around the world have faced at least one IoT attack and in 2020, a quarter of all attacks that organisations face will be IoT-based. These attacks will occur with increasing frequency. The UAE clocked an average of 304 IoT-based attacks on a daily basis in 2019.[3]

There were 22 billion networked devices worldwide, according to one estimate; by 2025, that number will rise to 38.6 billion.[4] Each of these devices serves as an entry point for cybercriminals. IP cameras and digital video recorders (DVRs) can be manipulated to bring down networks in Smart Healthcare and Smart Mobility sectors, while industrial control systems can be exploited to disable large parts of the Industrial Internet of Things (IIoT) in sectors such as Smart Buildings, Smart Energy and Smart Infrastructure.

Data breaches remain another critical area, where personal records are often easily stolen without sophisticated or expensive equipment. By 2025, networked devices will generate over 79.4 zettabytes of data every year, a significant portion of it for Smart City initiatives.[5] At present, 91.5% of IoT transactions are sent over the Internet in plain text,[6] via unsecured communications channels that serve up this confidential information on a platter.

The highly networked environment that UAE companies operate within provides rich pickings for cybercriminals, offering easy opportunities to release prolific malware that can cause catastrophic and often life-threatening damage in the real world, or stimulate lucrative criminal enterprises.

As a leader in the Smart Cities movement, the UAE has the highest number of public-facing connected devices in the Gulf Cooperation Council (GCC). Consequently, enterprises within the country are ripe targets for espionage and sabotage. The commercialisation of cybercrime means that malware is simply being sold to malicious actors willing to pay for it, whether these are nation-state actors or ransom seekers. Digital14’s open-source research shows that 18.46% of public-facing hosts in the UAE are potentially exposed to IoT-based attacks.

The UAE’s aim in adopting Smart City initiatives is to improve virtually all sectors of urban living. However, the technologies used for this purpose are already under attack from both cybercriminals and nation-states, further raising future security risks for this advanced Arab economy. With the upcoming Expo 2020 Dubai poised to serve as the prototype for the region’s first Smart Cities, organisations within the country and the region must act now to secure every aspect of their business – and remain vigilant as the attack surface expands exponentially.
02. SECURING THE SMART CITY

A. What is a Smart City?

There are several ways to define a Smart City, but all the definitions hold one principle at their core: using technology to solve the long-term challenges produced by increasing urbanisation.[7] Depleting resources, greater demands on limited infrastructure and other environmental issues must be tackled in order to enhance the city’s liveability, workability and sustainability. Smart Cities, then, are connected, responsive, and intelligent.

The vast majority of UAE residents – about 87% of the population – lived in urban areas as of 2018, and the figure is set to grow to 92% by the year 2050.[8] But with fewer resources available to an expanded population, the country’s urban systems will need to perform much more efficiently to deliver the same level of services their residents enjoy today. In line with its reputation for visionary thinking, the UAE government has therefore launched a range of e-government initiatives that harness a wide array of digital technologies in the creation of Smart Cities.

Digital14 outlines what such a Smart City could look like (see Figure 1), based on the report, The Vision of a Smart City,[9] presented at the 2nd International Life Extension Technology Workshop in Paris on September 28, 2000:

A city is Smart when investments in human and social capital, traditional infrastructure, and disruptive technologies fuel sustainable economic growth and a high quality of life, coupled with prudent management of natural resources through participatory governance.[10] In Smart Cities, Information and Communication Technology (ICT) is seamlessly integrated into the city’s infrastructure and is imperceptible to its end users.

Figure 1. Definition of a Smart City based on The Vision of a Smart City.[9]
• Monitors and integrates conditions of all its critical infrastructures
• Optimises its resources
• Maximises service to its citizens and improves quality of life
• Plans its preventive maintenance activities
• Monitors all security aspects
B. The smart city value chain: better connected but more exposed

A Smart City initiative may be vulnerable to security risks in several ways across its value chain (see Figure 2). The different possible attack points range across a four-layer architecture: devices, transmission, the Smart City platform itself, and various sector-specific applications. Security risks surface mainly from the three underlying layers, but a hazard arising from any layer may affect numerous applications. In this regard, every layer of the Smart City’s value chain must be secured.

Figure 2. Smart City Value Chain.[11]
Security spans four layers:
• Devices: collects data from the physical environment
• Transmission: enables communication among connected devices
• Smart City platform: analyses data for decision making and business analytics
• Sector-specific applications: offer a point of interface for consumers and businesses
Value chain elements shown: sensor / network deployment; data management, analytics, ID management, access management; Smart Governance, Smart Buildings, Smart Citizens, Smart Energy, Smart Healthcare, Smart Mobility, Smart Infrastructure, Smart Technology.
Labels along the base of the figure: Sector-specific or not; Sector-agnostic; Sector-specific.

C. Security risks in smart sectors

Smart Cities encompass a number of initiatives designed to improve services provided to individuals and organisations within the environment. Digital14’s research [12] focused on security risks in the following eight sectors:

SMART GOVERNANCE
The volume and sensitivity of trusted data available to a Smart Government make it a lucrative target for threat actors for various purposes. Such sensitive data from platforms within this sector could be leveraged for financial gain or for other malicious activities. As the trailblazer of all Smart City initiatives, Smart Governance connects technology and the data it provides with all parts of the value chain.[13]

SMART BUILDINGS
The primary objectives of Smart Building initiatives include improving efficiency and reducing consumption and energy costs.[14] By their very nature, Smart Buildings must be accessible to a range of different stakeholders. They are therefore hosted on publicly accessible websites, which puts their security at stake. Security vulnerabilities at such public-facing systems include interfaces that either require no authentication at all or use default credentials.[15]

SMART CITIZENS
Initiatives for Smart Citizens aim to maintain active learning and establish a feedback loop of innovative ideas for the continued development of the Smart City. Through residents’ voluntary contribution of personal data, authorities are empowered to make better decisions.[16] The confidential nature of this data necessitates the proper upkeep of its collection and storage. Any breaches or misuse of information could dissuade future citizen participation and derail further development.

SMART ENERGY
Smart energy initiatives are deployed to achieve a cost-effective, environment-friendly, and sustainable use of energy.[17] Sensors are widely deployed to monitor and manage energy across the cycle from generation to consumption. The security of Smart Grids is paramount since their disruption or failure has the potential for devastating consequences. Complex viruses could be deployed against Smart Grids to steal sensitive data, gain unauthorised system control, disrupt power supplies, or even cause physical damage.[18]

SMART HEALTHCARE
Smart Healthcare initiatives aim to provide citizens with advanced healthcare and wellness services through the use of intelligent and networked technologies. Smart Healthcare initiatives encompass digital health records, home health services and remote patient monitoring, among others.[19] Attackers could potentially alter a device’s performance [20] or interfere with the transmission of crucial data to medical professionals, threatening citizens’ safety and privacy.

SMART MOBILITY
Providing integrated and seamless journeys for Smart Citizens is Smart Mobility’s primary goal. Initiatives for Smart Mobility, such as the Intelligent Traffic Signal System (I-SIG),[21] offer answers to mobility challenges such as traffic congestion, inadequate parking spaces, and poor road safety through the use of integrated multi-modal and intelligent mechanisms.[22] However, the same technology that provides these benefits could have adverse effects if successfully compromised by attackers. A 2018 University of Michigan study showed that a hacker could send false information to the I-SIG from their own vehicle, causing traffic delays in the area of up to 38.2%.[23]

SMART INFRASTRUCTURE
Smart Infrastructure aims to enhance the physical world with actionable digital insights thanks to its interdependent relationship with different sectors of a Smart City. As the backbone of any economy,[24] infrastructure serves as an enabler for other sectors within the Smart City ecosystem. However, its extended usage broadens the attack surface for malicious actors. Attackers gain new opportunities to affect the city’s physical environment as a greater number of services begins to benefit from Smart Infrastructure initiatives.[25]

SMART TECHNOLOGY
If Smart Infrastructure is the backbone of a Smart City economy, then Smart Technology is its beating heart and likewise transcends various sectors in the modern city ecosystem. However, the road to security maturity for most IoT devices remains considerably lengthy. An IBM overview of 17 zero-day vulnerabilities affecting popular IoT devices, such as default credentials or SQL injections, shows that many vendors have yet to reach the required level of maturity and are preoccupied with capability over security.[26]

Figure 3. General threats and Actual Attacks in Smart City Sectors.[27]
SMART CITIES THREATS AND ATTACKS
• Smart Governance: Digitisation of government data increases cybercriminals’ motivation for successful hacks and to steal data. Example Attack | Records of 1.5 million patients of Singapore Health Services (SingHealth) were accessed and stolen by sophisticated threat actors.
• Smart Mobility: Network-connected mass transportation such as driverless trains, when hacked, could cause damage to both operators and users. Example Attack | Hackers steered a Tesla onto oncoming traffic with stickers placed on the road.
• Smart Technology: The centralised device management of smart devices, being a “one-stop-shop,” is a lucrative target for cybercriminals to wreak havoc. Example Attack | Hackers targeted a smart thermostat in a civilian home in Chicago and were able to turn up the heat.
• Smart Buildings: Increasingly digitised data in home life poses continuous privacy and safety concerns. Example Attack | Kaspersky researchers hack a colleague’s smart Fibaro Home Center 2.
• Smart Infrastructure: Devices supporting automation for large metropolitan areas provide cybercriminals an avenue to cause widespread chaos and physical damage. Example Attack | Stuxnet worm targeted Siemens S7 PLC as part of the campaign to sabotage Iranian centrifuges.
• Smart Energy: Smart grids provide cybercriminals a new platform to exploit for profit. Example Attack | Hackers exploited firewall flaws, causing interruptions of electrical system operations across the US western region.
• Smart Citizens: Lack of transparency could lead to distrust and unsupportive responses from citizens. Example Attack | Protests emerged in Johannesburg due to repeated hacking attacks against the government’s e-services.
• Smart Healthcare: Smart health devices present cybercriminals the chance to manipulate functionality, then trigger a life or death situation for users. Example Attack | Hackers controlled pacemaker performance, putting patient lives at risk.
D. The UAE’s smart city initiatives

The UAE government is a leading global advocate of Smart Cities and an early champion of their benefits. Since 2013, the nation has been actively working to transform itself into a modern, digital society.[28]

From being an early adopter of e-government initiatives to offering smart services for citizens and residents on mobile devices, the UAE has leveraged a number of new technologies to create a Smart Nation with applications that match or transcend global standards. Since each smart sector adopts technologies to enable its own specific goals, application levels vary across all sectors, and some solutions are more actively exploited than others.

The UAE’s digital transformation is spearheaded by Abu Dhabi and Dubai, with initial Smart City projects launched by Fujairah and Sharjah.[29] The UAE leads the Middle East and ranks 23rd of 79 countries in the world on the 2018 Global Connectivity Index (GCI), a global measure of digital transformation.[30]

There are two principal Smart City projects in the UAE. Smart Abu Dhabi provides operational support for the ICT integration of the emirate’s government, and the management of its agencies’ institutional and development functions.[31] Smart Dubai 2021 uses happiness as the ultimate success indicator.[32] Figure 4 provides examples of key UAE Smart City projects from October 2018 to October 2019. The presence of initiatives in all the eight sectors highlights the UAE’s continuing commitment towards digital transformation, underscoring its high rank on global indices.[33]

Figure 4. UAE Smart City Initiatives.[34]
• Smart Governance (2018 October): Pilot phase for the Zayed Smart City Project to manage infrastructure through Information Technology and the Internet of Things
• Smart Buildings (2018 April): Masdar City inaugurated Etihad Eco-residence as the first purpose-built sustainable residence
• Smart Citizens (2019 March): UAE Ministry of Education launched the Al-Diwan and Smart Learning Gate mobile applications to educate students
• Smart Energy (2019 June): Dubai Electricity & Water Authority (DEWA) on the 5th phase of the Solar Park aiming to provide power from clean energy
• Smart Healthcare (2018 November): Dubai Health Authority (DHA) to use artificial intelligence and machine learning to enhance data analysis, improve specificity of diagnoses and prognoses, etc.
• Smart Mobility (2018 October): Masdar City tested autonomous shuttle that uses LIDAR sensors to detect obstacles and their position relative to the vehicle
• Smart Infrastructure (2019 March): Dubai Silicon Park inaugurated to deliver infrastructure solutions to both residents and businesses
• Smart Technology (2019 October): UAE launched 5G, a first in the Arab Region, to support the country’s efforts on digital transformation

E. The lifeblood of the smart city: the IoT

Smart Cities around the world, including in the UAE, rely on a range of technologies from smart grids to global positioning systems. In turn, all these are underpinned by the Internet of Things (IoT), a revolutionary communications model comprised of an invisible, innovative framework that connects digital devices to the internet.[35]

Sensors within such IoT-enabled devices communicate, collect, and exchange data with other devices across the value chain. This data is then analysed to optimise products, services and businesses with the end goal of improving the quality of life for a Smart City’s inhabitants.

With an increasing number of countries seeking to unlock the benefits of Smart Cities, the IoT market is recording double-digit growth. International Data Corporation (IDC), the market intelligence firm, forecasts that the worldwide IoT market will reach $1.2 trillion by 2022, a compound annual growth rate (CAGR) of 13.6% between 2017-2022.[36] Cellular IoT connections alone are expected to reach $3.5 billion in 2023, clocking a CAGR of 30%.[37]

Those projections represent billions of devices, any one of which may be compromised if improperly secured. Given this exponential growth, securing the IoT and Smart Cities in general becomes critically important. The UAE’s technology-driven Smart City initiatives rely on reliable and trusted IoT-connected supply chains to enhance efficiencies for businesses and residents, but those new systems bring new types of security risks.
03. EXPANDING RISKS

A. Infrastructure’s expanding attack surface

As we have seen, the very networks that support Smart Cities open them up to unprecedented levels of risk. With the number of networked devices growing to tens of billions,[38] those risks will expand exponentially across a broader attack surface. According to Cisco’s Visual Networking Index, IoT connections will grow to 51% of networked devices worldwide by 2022.[39] Digital14 examines how those risks can play out:

Vulnerabilities are now being seen in devices in sectors such as Smart Healthcare and Smart Mobility. In Smart Healthcare, for example, vulnerabilities have been found in pacemakers [40] and insulin pumps.[41] By exploiting those weaknesses, malicious actors could launch untraceable, severe attacks across the entire system. In the Smart Mobility sector, a 2014 study highlighted weaknesses in the traffic infrastructure of a Michigan road agency; attackers were able to control over a hundred traffic lights after compromising the system. Multiple vulnerabilities have also been discovered in Tesla vehicles, one of which allowed attackers to remotely activate the braking mechanism.[42] As more semi-autonomous vehicles make it onto city streets, such vulnerabilities will become more common.

Smart City technologies also extend to the industrial world and its subset of the IoT, the Industrial Internet of Things (IIoT). While most observed cyberattacks have not as yet led to catastrophic physical disruptions, the intent and ability to cause life-threatening physical consequences is evident, as seen in past cyberattacks against industrial control systems (ICS). The Stuxnet malware that targeted Iranian centrifuges, first revealed publicly in 2010,[43] was specifically intended to disrupt an industrial process.

Assessing the number of networked devices in use worldwide is challenging because of the nature of collating such estimates. What remains indisputable is that the number of connected devices will rise as IoT expands its reach. Strategy Analytics appraised the number of networked devices at 22 billion as of the end of 2018, a number forecast to rise to 38.6 billion devices by 2025.[44]

Each IoT device hosts technologies that any persistent threat actor may target to access an organisation’s network. And IoT devices are being constantly hit to gain initial entry. Gartner reports that 20% of organisations observed at least one IoT-based attack from 2015 to 2018.[45] By 2020, more than 25% of attacks against enterprises will involve IoT devices.[46] Yet, a 2018 survey of 950 companies that make and use IoT technology found that just under half – 48% – do not have detection mechanisms in place to protect against cyber attacks. About 79% of respondents believed governments should lead efforts to set and enforce tougher IoT security standards.[47]

The IoT’s growing use presents an attractive target for botnet operators seeking to boost the capabilities of their malware for malicious tasks such as distributed denial of service (DDoS) attacks. In October 2016, US-based web application security company Dyn confirmed being targeted by malicious attack traffic. The company confirmed the Mirai botnet as the primary source, with the involvement of nearly 100,000 malicious end points.[48] The attack brought down websites, mostly based in the US and Europe, such as Twitter, the Guardian, Netflix, Reddit, CNN and many others.[49] The botnet achieved this with the help of approximately 145,000 IoT devices, principally IP cameras and DVRs. As more devices are networked, we expect the threat capabilities of such botnets, and the potential pool of target devices, to expand correspondingly.

Furthermore, onboarding the technology and devices required to support Smart City initiatives also presents adversarial nation-states with a target-rich environment for both espionage (by gathering data on all niches of a city’s pattern of life), and/or sabotage (by crippling a Smart City’s infrastructure).
B. Industrial IoT

ICS has been subjected to persistent attacks for at least a decade as threat actors have successfully targeted industrial processes over this period. The IIoT, while further improving the connectivity of ICS technologies, could expand the existing attack surface of ICS-managed infrastructure. Networked controls in Smart Buildings could offer one access route, for example. Many of the technologies being used to develop sectors such as Smart Energy, Smart Infrastructure, and Smart Buildings will build on pre-existing functionalities that have enabled automated manufacturing and industrial controls for decades. While IIoT disruptions are significantly fewer than the number of global cyberattacks, past ICS attacks demonstrate the presence and intent of such disruptions. Accordingly, cities will have to defend against them as smart initiatives progress.

Through unprotected IIoT networks, threat actors will be able to develop malware, techniques, tactics and procedures that can be aimed at different, geographically diverse organisations. The majority of active threats targeting the IoT are borne by self-propagating malware or cyber-espionage vectors, yet modernised industrial processes will allow threat actors a new set of opportunities to carry out physical disruptions with severe consequences. Without controls such as network security monitoring, anomalous activity detection and accurate network device discovery, industrial sites are at an increased risk of attack.

C. Data protection

Much of the value of Smart City technologies lies in the lucrative data they generate, from the granular details of road traffic movements to databases of personally identifiable information (PII). According to IDC estimates, global devices will generate over 79.4 zettabytes of data collectively in 2025.[50] Cybercriminals and nation-state actors value this information, particularly data concerning PII, intellectual property, and the socio-economic environment of another country’s population.

As we have seen in the United States, the theft of personal records through data breaches has mounted steadily over the past decade.[51] Such data breaches do not always require sophisticated attacks or significant resources. Since any data generated or used by the Smart City must be stored, cybercriminals need merely to scout for improperly secured data repositories. Database administrators often fall short of basic security precautions such as strong authentication credentials or segmenting such databases from public exposure.

Safeguarding data in transit presents another major challenge for projects integrating IoT solutions. Digital14 has identified several pain points regarding secure data transmission in Smart City projects:
• Deploying and scaling low-energy secure protocols and encryption schemes on networks and devices
• Enforcing safe and secure communication while bridging the cyber-physical security gap, and,
• Safeguarding privacy and enforcing data anonymity whenever applicable.

A May 2019 report by information security company Zscaler examined approximately 56 million IoT transactions processed over a 30-day period. Approximately 91.5% of these were communicated without proper encryption. The transactions were made from 270 different types of IoT devices made by 153 different manufacturers.[52] Separately, a November 2019 report from CyberX analysed 1,821 IoT/ICS networks over the previous year. About 64% had unencrypted or clear text passwords across their networks, and 54% of the networks could be accessed remotely using standard protocols such as remote desktop protocol (RDP), secure shell (SSH), and virtual network computing (VNC).[53]
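Added example (not part of the Digital14 report): one way a Smart City operator can take the two measurements quoted in the data-protection section above, the share of IoT transactions sent in plain text and remote reachability over RDP, SSH and VNC, from its own flow records. The record format, the 10.20.0.0/16 site range, the port-to-protocol mapping and every sample record are assumptions constructed for illustration.

```python
"""Added example: plain-text and remote-access exposure from IoT flow records."""
import csv
import io
import ipaddress
from collections import Counter, defaultdict

# Assumption: the protocol is inferred from the destination port alone, so a
# service on a non-standard port is reported as "unknown", not guessed.
PLAINTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 1883: "mqtt", 5683: "coap"}
ENCRYPTED_PORTS = {22: "ssh", 443: "https", 5684: "coaps", 8883: "mqtts"}
# Remote-access protocols named in the CyberX finding quoted above.
REMOTE_ACCESS_PORTS = {22: "ssh", 3389: "rdp", 5900: "vnc"}
# Assumption: the site's own address plan. It is listed explicitly because
# ipaddress.is_private also matches the documentation ranges used below.
SITE_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed sample records (not real traffic).
# Columns: device, device_type, src_ip, dst_ip, dst_port
SAMPLE_FLOWS = """\
cam-01,ip_camera,10.20.0.11,203.0.113.50,80
cam-01,ip_camera,10.20.0.11,203.0.113.50,80
meter-07,smart_meter,10.20.1.7,198.51.100.9,1883
meter-07,smart_meter,10.20.1.7,198.51.100.9,8883
hvac-02,bms_controller,10.20.2.2,198.51.100.20,443
hvac-02,bms_controller,203.0.113.77,10.20.2.2,5900
plc-03,plc,192.0.2.14,10.20.3.3,3389
plc-03,plc,10.20.9.5,10.20.3.3,22
dvr-04,dvr,10.20.0.40,203.0.113.50,23
dvr-04,dvr,10.20.0.40,203.0.113.50,not-a-port
sensor-9,env_sensor,10.20.4.9,198.51.100.9,9999
"""


def is_internal(addr):
    """True when the address belongs to the site's own networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in SITE_NETWORKS)


def parse_flows(text):
    """Return (flows, rejected): validated records and the count of bad rows."""
    flows, rejected = [], 0
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        try:
            device, dtype, src, dst, port = (field.strip() for field in row)
            port = int(port)
            if not 0 < port < 65536:
                raise ValueError("port out of range")
            ipaddress.ip_address(src)
            ipaddress.ip_address(dst)
        except ValueError:
            rejected += 1  # counted, because silent drops would skew the ratio
            continue
        flows.append({"device": device, "type": dtype,
                      "src": src, "dst": dst, "port": port})
    return flows, rejected


def classify(port):
    """Label a destination port as plaintext, encrypted or unknown."""
    if port in PLAINTEXT_PORTS:
        return "plaintext"
    if port in ENCRYPTED_PORTS:
        return "encrypted"
    return "unknown"


def audit(flows):
    """Summarise outbound encryption and inbound remote-access exposure."""
    outbound = Counter()            # device-initiated flows leaving the site
    by_type = defaultdict(Counter)  # the same counts per device type
    exposures = []                  # remote-access sessions arriving from outside
    for f in flows:
        src_in, dst_in = is_internal(f["src"]), is_internal(f["dst"])
        if src_in and not dst_in:
            label = classify(f["port"])
            outbound[label] += 1
            by_type[f["type"]][label] += 1
        elif dst_in and not src_in and f["port"] in REMOTE_ACCESS_PORTS:
            exposures.append(
                (f["device"], REMOTE_ACCESS_PORTS[f["port"]], f["src"]))
    classified = outbound["plaintext"] + outbound["encrypted"]
    pct = round(100 * outbound["plaintext"] / classified, 1) if classified else 0.0
    return {
        "plaintext_pct": pct,  # share of classifiable outbound flows
        "outbound": dict(outbound),
        "plaintext_types": sorted(t for t, c in by_type.items() if c["plaintext"]),
        "exposures": exposures,
    }


if __name__ == "__main__":
    parsed, bad_rows = parse_flows(SAMPLE_FLOWS)
    report = audit(parsed)
    print(f"rejected rows: {bad_rows}")
    print(f"plain-text share of outbound flows: {report['plaintext_pct']}%")
    print(f"device types sending plain text: {report['plaintext_types']}")
    for device, proto, source in report["exposures"]:
        print(f"remote access from outside: {device} via {proto} from {source}")
```

Flows on unrecognised ports are reported separately instead of being folded into either figure, so the plain-text share is a lower bound on what payload inspection would find.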
04. THREAT LANDSCAPE

Smart Cities are designed to increase productivity and efficiency for everyone, but they could present potentially serious risks when cybersecurity is neglected. The spread of IoT devices exposes a wide range of vulnerabilities that cybercriminals and other malicious actors can exploit for various purposes.

A. Targeted technologies

IoT technologies, whether currently in use or soon to be deployed, will continue to face persistent threats. The Mirai family of botnets, in particular, targets devices commonly used at home, such as routers, DVRs, and IP cameras. This malware family aims specifically at IP cameras and routers, which link together all the networked devices in a home or workplace. These items are under constant threat of detection by botnets, which continuously scan public-facing devices over the internet.

IoT devices in healthcare and transportation sectors have also been compromised in the past. In June 2019, NewSky Security researchers observed ongoing attacks against a web-based DNA sequencer, where attackers exploited a vulnerability within the application and gained access to the underlying systems.[54] In November 2016, a DDoS attack targeting two buildings in Finland disabled the sensors monitoring data such as temperature and radiator pressure, in the process also disabling the safety mechanism to shut down systems.[55]

In 2018 and 2019, xen1thLabs researchers discovered four vulnerabilities in popular lines of Sony Smart TVs. After notifying Sony and providing them with a reasonable time to fix the vulnerabilities, this information was later disclosed publicly. One weakness affects the Photo Sharing Plus app installed on numerous TV models. By leveraging the Photo Sharing Plus API, an unauthenticated remote attacker could retrieve the Wi-Fi credentials of the home or office where the Smart TV was being used. Such information could provide an attacker with a powerful pivot into a corporate network. The other vulnerability allows an unauthenticated attacker to read arbitrary files on the device. These weaknesses reflect the risks inherent in increased connectivity across everyday activities.
B. Threats

Cybercriminals with differing levels of expertise are actively looking for – and finding – ways to penetrate into IoT devices. The system’s exponential adoption coupled with improper safety precautions offers them innumerable routes to successful infiltration.

Active threats against the IoT are already present, but self-propagating malware dominates the landscape in terms of volumes of attack and effect. High-profile malware, such as the Mirai variants, has wreaked havoc on both traditional network resources and IoT devices. Critically vulnerable IoT devices are widely deployed across homes, businesses, and municipal environments, constituting a particularly attractive canvas for botnets to spread.

A Kaspersky report released in October 2019 revealed Mirai and its variants as the top threats against IoT devices in the first half of 2019. Over the same period, Kaspersky identified Linux.NyaDrop.b as the most prolific Mirai variant.[56]

Mirai and its derivatives remain the most common IoT malware. First discovered in August 2016,[57] Mirai quickly spread to routers, DVRs and IP cameras by leveraging vendor-supplied default credentials. The botnet was responsible for significant DDoS attacks that year. By October 2016, Mirai’s author had published its source code, allowing it to be repurposed into several Mirai malware variants (see Figure 6). These new versions have been deployed in a number of different exploits to countless new devices. The variant Echobot, for instance, targets both IoT and non-IoT technologies such as application servers and networking software.[58]

Figure 6. Mirai Malware Family and Variants.[59]
Names shown: MIRAI, ECHOBOT, BASHLITE, SATORI, OMNI, ASHER, MIORI, OKANE.

Malware is often a commercial commodity available for purchase by both cybercriminals and nation-state actors. Thus, the authors of a particular software may not be the ones actually using it to trigger attacks. In the case of TheMoon botnet, vulnerable routers and modems were targeted in order to expand its botnet infrastructure. By 2019, updates to the botnet’s malware had transitioned into a commercial service.[60] TheMoon has been designed for commercial purposes and can be leased to any threat actor willing to pay. Its attacks on the IoT are often aimed at expanding its commercial applications.

The origin of prolific IoT malware goes back to 2009, when the self-propagating Psyb0t compromised tens of thousands of routers running MIPSel Linux firmware by exploiting weak default credentials.[61] Besides Mirai, more distinct malware families have emerged (see Figure 7), with most exploiting authentication issues to gain initial access to vulnerable IoT devices.

Figure 7. Unique Malware Families targeting IoT devices.[62]
Malware family | Date | Targeted devices
Trinity Miner | 2019 Jul 26 | Android Devices
VPNFilter | 2018 May 23 | Routers
SOHOPharming | 2013 Oct 13 | Routers
Http81 | 2017 Apr 24 | Cameras
BrickerBot | 2017 Apr 19 | Embedded Devices
Linux.Wifatch | 2014 Nov 9 | Embedded Devices
TheMoon | 2013 Feb 14 | Routers
PsyB0t | 2009 Mar 25 | Modems - Routers
Silex | 2019 Jun 25 | Embedded Devices
Hajime | 2016 Oct 16 | Embedded Devices
Linux.NyaDrop | 2016 Oct 14 | MIPS-Based IoT Devices
Persirai Botnet | 2017 May 9 | IP Cameras
While the distinctions between cybercriminals and nation-state groups behind cybersecurity threats have long been muddied by difficulties in attribution, threat actors specific to IoT operate within an even more nebulous environment. The main difficulty in defining threat actors arises because malware designed to create botnet-as-a-service applications overshadows specifically targeted breaches.

In 2018, malware and botnets comprised the vast majority of threats and successful attacks against the IoT.63 Such threats are rarely linked to specific actors. However, specific malicious actors such as the Russian cyber-espionage group, APT28 (also called Strontium, Sofacy Group, or Fancy Bear), have targeted multiple organisations by first aiming at office printers, video decoders and voice-over-IP (VoIP) phones. Here, the attacked IoT devices were not the primary targets but functioned as launch pads to achieve greater destruction within the recipients’ networks.64

Other threat actors have been pinned to specific attacks, even if any agenda or associations to specific countries or groups are unknown. For example, Slingshot, named after malware observed by Symantec in 2018, compromised routers to deploy handcrafted espionage tools.65 Although the botnet-as-a-service model conceals culprits behind most IoT botnet activities, a black hat hacking group known as Lizard Squad has been connected to at least one botnet, known as LizardStresser.

APT28
Motivation: Espionage
Targeted IoT Devices: Routers, NAS, VOIP phones, office printers, video decoders
Malicious Tool: VPN filter
Last reported date: 2018 May 24 (ref. 66)
Sophistication: Nation-State
Target Country: Ukraine

Slingshot
Motivation: Unknown
Targeted IoT Device: Routers
Malicious Tools: Cahnadr (aka Ndriver), GollumApp
Last reported date: 2018 March 9 (ref. 67)
Sophistication: APT
Target Countries: UAE, Yemen, Jordan, Turkey, Iraq, Libya, Afghanistan, Kenya, Congo, Sudan, Somalia, Tanzania

Lizard Squad
Motivation: Unknown
Targeted IoT Devices: WiFi-enabled cameras and surveillance systems
Malicious Tool: LizardStresser
Last reported date: 2016 September 29 (ref. 68)
Sophistication: Unknown
Target Countries: USA, Brazil
05. SELECTED GLOBAL SECURITY INCIDENTS

Los Angeles, California (21 Aug 2006): Two traffic engineers hacked into the city’s Traffic Surveillance Center and disabled the signals, causing gridlock for several days.

Estonia (27 Apr – 18 May 2007): Pro-Russian hackers launched DDoS attacks on Estonia’s key government websites, rendering them inaccessible for days.

Rye Brook, New York (28 Aug – 18 Sep 2013): Iranian hackers breached the computer-guided controls of the Bowman Avenue Dam, accessing status and operation data.

Germany (2014): Unknown attackers used spear phishing mail to access a steel works facility, resulting in an unscheduled closure of the furnace.

Ukraine (23 Dec 2015): BlackEnergy malware was planted in the networks of multiple power companies in Ukraine and led to blackouts in different regions.

Lappeenranta, Finland (Nov 2016): Cybercriminals launched a DDoS attack on building management systems, knocking out heating controllers.

Dallas, Texas (8 Apr 2017): Hackers activated the emergency outdoor sirens with a rogue radio signal, causing misinformation and panic among residents.

New Delhi, India (9 Apr 2017): Three civilians exploited an accessible Wi-Fi port at a metro station in New Delhi and played a pornographic clip, causing disruption.

Sweden (11 – 12 Oct 2017): A suspected nation-state group launched a DDoS attack on Sweden’s transportation system, causing train delays.

Bristol, United Kingdom (14 Sep 2018): Unknown attackers launched a ransomware attack at Bristol Airport, causing a shutdown of flight display screens.

Figure 8. Global Security Incidents in Smart Cities.69
06. CASE STUDY: EXPO 2020 DUBAI

Background

One of the most anticipated World Expos of all time and the first ever to be hosted in the Middle East, Africa and South Asia (MEASA) region, Expo 2020 Dubai will host millions of visitors from across the world throughout its six-month run. With such a large number of visitors expected throughout the duration of Expo, as well as the fact that up to 130 buildings across the 4.38-square-kilometer site will be interconnected via Internet of Things (IoT), there is a cyber security risk to the event’s infrastructure and operations. Therefore, all associated challenges relating to IoT security must be addressed. The digital infrastructure of Expo 2020 crosses several smart city domains and sub-domains, and a breach of IoT security and subsequent cyber-attack could pose a risk to the infrastructure and operational capacities of the event and ultimately damage its reputation.

Expected Outcomes

World Expos are widely regarded as catalysts of social and economic transformation that generate enduring impacts for host cities and nations. Promising to deliver a safe and secure digital experience like no other, Expo 2020 Dubai is set to create a lasting legacy for visitors, participants, and the UAE – underpinned by world-class cyber security innovations.

With the ever-growing adoption of connected devices globally, digital platforms will help shape each visitor’s experience at Expo 2020 – making cyber security crucial to the success of the six-month event. Working hand-in-hand with Digital14, Expo 2020 Dubai is on track to deliver one of the most technologically secure World Expos in history.

The challenge

Expo 2020 will be one of the largest World Expos to date. More importantly, however, Expo 2020 Dubai is expected to be one of the most digitally advanced World Expos ever held.70 IoT connectivity represents a critical component of the event’s digital infrastructure, and the latest IoT technologies will be used across the entire IoT infrastructure and Expo 2020 site. Without appropriate cyber security protocols, IoT applications would be vulnerable to cyber attacks. The visibility of this physically connected infrastructure also poses a further risk given a breach could be observed by millions of visitors. A robust Security Operation Center (SOC) is critical to ensuring a seamless event and avoiding any incidents that may impact infrastructure and operations. The IoT ecosystem is particularly sensitive, emphasizing the need for enhanced data privacy and protection. The overarching goal is to safeguard the visitor experience and ensure the event serves as a proud legacy for Dubai and the UAE.

The more digitized an event becomes, the more vulnerable it is to security breaches, which presents a significant cyber security challenge. Because Expo 2020’s digital agenda entails a unique and seamless digital user experience, cyber security is essential for the protection of data, infrastructure, and the network, as well as monitoring all operations.

The event’s cyber security operations will revolve around the safety of all international participants and millions of visitors. A major threat is the risk of data leakage, which could have detrimental internal and external consequences. To counter this, Digital14 will create and maintain a solid foundation for a smart city environment and ensure a smooth and secure digital experience.

Any mega event requires cyber security of the highest possible standards due to its critical nature and the extensive cyber-attack surface presented by its digital footprint. To counter such risks, Expo 2020 requires innovative cyber security solutions, ground-breaking initiatives and ongoing services that secure new technologies and support cross-partner flexibility and functionality. On top of this, Expo 2020 aims to strike a balance between local and international best practice and regulations in data privacy and to comply with the General Data Protection Regulation (GDPR) – ensuring the safety and privacy of Expo visitors’ data.

The solution

A homegrown UAE-based organization, Digital14 enjoys the reputation of a reliable and proven cyber security partner. Digital14 has a proven track record of working alongside many government entities and across critical infrastructures, delivering an integrated, holistic approach to cyber security while enabling enhanced visibility over all elements of a project.

In the context of a holistic cyber security framework, Digital14 will provide continuous application and infrastructure security monitoring, risk assessment, incident response, and digital forensics to ensure Expo 2020 will be one of the safest and most technologically secure World Expos ever held. At the core of its mandate as Expo 2020 Dubai’s Official Cyber Security Provider, Digital14 will oversee the cyber security of the event’s entire digital platform – as well as the applications and data it supports – to safeguard the digital experience of millions of visitors and more than 190 international participants.

Digital14 is responsible for delivering and managing a next generation Security Operations Center (SOC) for the duration of Expo 2020. This will provide increased visibility across critical areas in Information Technology, Operational Technology, and IoT. At the same time, it will support robust cyber security protocols and a resilient cyber security environment that delivers situational awareness, reduces risk and/or downtime, supports audit and compliance, prevents and controls threats, diminishes administrative overheads, and provides log forensics and reporting.

The team will detect, report, and respond to cyber security incidents throughout the organization to minimize disruption to Expo 2020. Incident priority will be determined according to the impact of the incident on Expo 2020’s business and the urgency of the required response. In case of an incident, the primary concern is to restore services as quickly as possible and in compliance with service levels agreed with the business.

In addition to technical considerations, the human factor is often the weakest link when it comes to cyber security. Irrespective of the technologies and controls in place, if an employee is not willing to take responsibility for cyber-secure practices, then this exposes the organization to even greater cyber security risk.

Expo 2020 selected the Cyber Smart programme from Digital14 with the aim of incorporating a thorough cyber security awareness program that will establish an intelligent, cyber-smart team capable of ensuring the data of all visitors and international participants is safe and secure. All employees and partners will undergo relevant training, which will in turn be invaluable with regard to maintaining safety and cyber security.

Expo 2020’s cyber security team is organized to provide a comprehensive cyber security service covering infrastructure networks and application security, monitoring and operations, and compliance and governance. Alongside a specialized team of cyber security experts, all Expo employees will ensure operations related to the event are aligned with the highest standards of cyber security. To encourage this, Digital14 and Expo 2020 initiated an information security cyber awareness campaign ‘Cy Safe’. The campaign targets different segments of Expo through a novel, interactive set of learning modules that can be easily shared with partners and staff.
07. CURRENT UAE ATTACK SURFACE

In its review of the current and most active threats targeting IoT devices, Digital14 surveyed the attack surface within the UAE through open-source research to ascertain the risks facing organisations in the country. Digital14 specifically reviewed public-facing hosts that can be easily breached by the army of existing botnets and examined current IoT attacks on compromised devices in the region.

As compared to other GCC member states, the UAE is at a particularly high risk of attack, given the large number of publicly-exposed devices commonly targeted by IoT botnets. The adoption of Smart City initiatives will certainly expand this risk.

An examination of public-facing hosts within the GCC revealed that the UAE has by far the highest number of public-facing IP cameras and DVRs (see Figures 9 and 10).

Figure 9. Number of exposed IP cameras in the GCC.71 (Bar chart over UAE, KSA, Oman, Qatar, Bahrain and Kuwait.)

Figure 10. Number of exposed DVRs in the GCC.72 (Bar chart over UAE, KSA, Oman, Qatar, Bahrain and Kuwait.)

As IoT malware typically operates by mapping and cataloguing public-facing networks in search of commonly vulnerable devices such as IP cameras and DVRs, the graphs indicate that the UAE is now a ripe target for existing botnets to expand their infrastructure. As mentioned previously in the report, these devices are frequent targets of IoT attacks.

Digital14’s examination of global IoT attack data reveals that the UAE is hit by an average of 304 attackers per day – the highest of all the GCC countries (see Figure 11). In this case, attackers home in on a compromised IoT device within the UAE, and then attempt to target further devices.

Figure 11. Average Daily IoT Attacks by Country.73 (Bar chart over UAE, KSA, Oman, Qatar, Bahrain and Kuwait; bar labels 304, 291, 113, 103, 71 and 40.)
With the relatively high volume of IP cameras and DVRs in the UAE and the Mirai malware family’s affinity for such devices, Mirai botnets logically comprise the bulk of all IoT attacks in the country. Nearly three-quarters of IoT attacks are reported in connection with devices compromised by Mirai (see Figure 12).

Figure 12. Percentage of Mirai malware variants in IoT attacks in the UAE.74 (Mirai Malware: 72.13%; Other IoT malware: 27.87%.)

Operators of IoT botnets also often conduct attacks intended to simply expand their infrastructure. Once an IoT device is compromised, the malware tries to use it to attack more traditional public-facing devices. These attacks follow the same technique: they identify potential IoT targets and then scan them for available and vulnerable services. Digital14’s survey looked at compromised services such as webservers and remote access protocols. At the time of writing this report, based on open-source research, 18.46% of public-facing hosts in the UAE were potentially exposed to IoT-based attacks.

08. SUMMARY

Digital14’s first Cyber Resilience Report for 2020 reviews Smart City-enabling technologies and their intrinsic threats and risks for the UAE in its transition to a Smart Nation.

Smart technologies will increasingly enable the convergence of the physical and virtual worlds, and as IoT-related devices and their supporting infrastructure proliferate, threat actors will correspondingly target this expanded attack surface. When everything from power grids to medical devices is connected to the Internet, security could become a matter of life and death.

The UAE has already established itself as a global leader in smart initiatives and technologies. Now the time has come to establish its credentials as a global smart security leader.

Digital14’s research and analysis of Smart City initiatives, as well as the adoption of IoT technologies both locally and globally, reveals an increasingly complex canvas, with an increase in potential threats facing every sector of our society.

This complexity requires increasing levels of cooperation between governments, businesses and citizens. Leaders of organisations that adopt IoT technologies need to prioritise, identify and address the threats outlined in this report.

Digital14’s Threat Intelligence capability provides unique insights to clients to enable informed decision-making around the implementation of Smart Technologies while addressing management concerns regarding ongoing and evolving threats. When forewarned against these potential threats, clients are able to enact precautionary measures that protect their businesses while unlocking the efficiency gains of tomorrow’s pioneering technologies.

Digital14’s highly specialised expert teams provide clients with rapid, accurate, and trusted insights into the local, regional and global threat landscape confronting organisations of all sizes. This expertise is applied to protecting the unique, hyper-modern infrastructure of organisations such as Expo 2020 Dubai. With market-leading research and security implementations, the Threat Intelligence Center (TIC), Cyber Network Defense (CND), Security Operations Center (SOC) and Test and Validation Labs (xen1thLabs) collaborate to provide clients with world-class auditing, recommendations and active threat monitoring solutions.
09. SIX ACTIONABLE TAKEAWAYS

In the newly complex landscape of the IoT-enabled Smart Business, businesses must adopt a number of best practices to protect themselves against new and evolving threats. Digital14 recommends the following security actions to maintain stakeholder trust:

Validate IoT devices before deployment

Every organisation seeking to onboard new IoT devices across their enterprise should first test and validate such equipment from the vendor by way of an adequate vulnerability assessment.

Some of the most vulnerable IoT devices, such as routers and IP cameras, are among the most widely used in enterprise environments. The vulnerabilities lie largely in simple oversights such as default credentials, outdated and vulnerable software, or unnecessary and undocumented services to enable administrative access. Indeed, currently observed threats targeting the IoT could be characterised as opportunistic and low in complexity. The Mirai malware family, which accounts for more than 70% of IoT attacks in the UAE, relies entirely on two simple ways of propagation: brute-forcing credentials and leveraging publicly available exploits.

Although usually easily mitigated, such vulnerabilities are even easier to detect and prevent during proper security assessments before the devices are deployed on a wide scale across the enterprise.

Incorporate IoT devices with risk assessment

Some IoT devices, such as IP cameras, may not necessarily carry a significant impact beyond their function as access points to identify, read and exfiltrate sensitive data. On the other hand, IoT equipment such as biomedical devices or ICS units could be successfully attacked with catastrophic or even life-threatening results. Regardless of the impact, however, IoT devices introduce significant challenges and differing weights within risk-management processes.

In mitigating risks, IoT devices are not always easy to incorporate into the vulnerability management cycle. Many IoT devices are designed to be low-powered and require minimal computing resources, and therefore may not support the third-party applications needed for security tasks such as patch management. Firmware must be upgraded immediately when made available by its vendors.

Segment IoT networks

IoT devices should always be isolated from sensitive consumer and enterprise data. Threat actors such as APT28 have already successfully used IoT devices to springboard into broader enterprise networks. As IoT devices are often deployed in greater volumes than critical network infrastructure systems, the attack surface of the network segment is broadened considerably. Similarly, as IoT devices can be more difficult to patch because they are often not designed to support third-party solutions, overall risks associated with the networks would be more difficult to mitigate.

For industrial sites, consider completely eliminating any connections between the IT and OT teams that do not pass through an on-site Demilitarized Zone. Ensure that external connections arrive through VPNs with two-factor authentication. A privileged access control solution should manage credentials. Authentication workflows should be routed in such a way that security operations centres are instantly alerted to any unauthorised access. Finally, develop a granular, policy-based segmentation ruleset to actively control which devices communicate with each other. Such controls are especially critical in industrial environments where traditional security practices may not always work.

Monitor device activity

IoT devices can be particularly difficult to monitor with traditional log management systems, as logging capabilities can vary widely. Nevertheless, most of the active threats detailed in this report – from the wide range of malware strains to the threat actors involved – operated over established network infrastructures. In this regard, network traffic should be monitored for any abnormalities.

Placing security controls such as an Intrusion Detection System in line with network-segmented IoT devices can assist in the early detection of IoT attacks or suspicious activity originating from an IoT device. Most botnets, which make up a significant threat by volume, will provide signatures that any capable security operation centre should be able to handle. Automated asset discovery and a network topology mapping system should regularly scan and report its findings on your networks for regular auditing, review and compliance with organisational goals.

Safeguard data

Smart City-enabling technology inherently requires the production and storage of enormous volumes of data. Determining the infrastructure and security controls necessary to safeguard this data before the technologies are deployed will go a long way to reduce risks of database exposure, such as those seen on a seemingly daily basis.

Unfortunately, data owners do not always deploy the necessary security controls. This is evident from some of the database breaches detailed under Section four. Expanding Risks. According to a survey conducted by Gemalto for its 2018 State of IoT Security Report, only 60% of organisations using IoT technologies encrypt their data.75 Prior to the launch of new IoT technologies, the sensitivity and location of the forthcoming data must be properly incorporated into risk assessments.

Regular audits from cloud providers

Smart Cities’ different components will generate high volumes of data that will require vast quantities of storage. Consequently, some organisations will naturally partner with cloud providers to offload storage and compliance responsibilities.

Since IoT devices often store sensitive personal information about their users, security risk and compliance officers should follow an accepted cloud computing audit assurance program to assess and confirm the policies and controls in use at an organisation’s desired cloud data partner. The Information Systems Audit and Control Association and the Institute of Chartered Accountants in England and Wales have detailed processes to assist officers assessing risks of various cloud providers and maintaining compliance with legal frameworks in their relevant jurisdictions.
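One way to act on the "Segment IoT networks" and "Monitor device activity" takeaways, as an added example that is not part of the report or Digital14's tooling: the script checks flow records from an IoT segment against an allow-list segmentation ruleset and flags devices that fan out to many hosts on web and remote-access ports. The addressing plan, allowed flows, watched ports, threshold and sample flows are all constructed assumptions.

```python
"""Check IoT-segment flows against a segmentation allow-list and flag scan-like fan-out."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumed addressing plan (hypothetical, not taken from the report).
SEGMENTS = {
    "iot": ip_network("10.20.0.0/16"),
    "enterprise": ip_network("10.10.0.0/16"),
    "dmz": ip_network("10.30.0.0/24"),
}

# Policy-based segmentation ruleset: the only flows IoT devices may open,
# as (source segment, destination segment, destination port).
ALLOWED = {
    ("iot", "dmz", 8883),  # MQTT over TLS to a broker in the DMZ
    ("iot", "dmz", 123),   # NTP
}

# Web and remote-access ports watched for fan-out (assumed list).
WATCHED_PORTS = {22, 23, 2323, 80, 8080}
WINDOW_SECONDS = 60   # size of each counting window
FANOUT_THRESHOLD = 5  # distinct destinations per window that counts as scanning

# Constructed sample flows: "<epoch seconds> <src> <dst> <dst port>"
SAMPLE_FLOWS = """\
1588300800 10.20.1.15 10.30.0.5 8883
1588300805 10.20.1.15 10.30.0.6 123
1588300810 10.20.2.40 10.10.5.9 22
1588300811 10.20.2.40 203.0.113.10 23
1588300812 10.20.2.40 203.0.113.11 23
1588300813 10.20.2.40 203.0.113.12 2323
1588300814 10.20.2.40 203.0.113.13 23
1588300815 10.20.2.40 203.0.113.14 23
1588300816 10.20.2.40 203.0.113.15 2323
1588300900 10.20.1.15 198.51.100.7 80
1588300950 10.10.5.9 10.30.0.5 443
this line is malformed and is skipped
"""


def segment_of(addr):
    """Return the name of the segment containing addr, or 'external'."""
    ip = ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "external"


def parse_flows(text):
    """Parse flow lines into (ts, src, dst, dport) tuples, skipping bad lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts, dport = int(parts[0]), int(parts[3])
            ip_address(parts[1])
            ip_address(parts[2])
        except ValueError:
            continue
        flows.append((ts, parts[1], parts[2], dport))
    return flows


def analyse(flows):
    """Report ruleset violations, IoT-to-enterprise flows and scan-like sources."""
    violations, lateral = [], []
    fanout = defaultdict(set)  # (src, window index) -> distinct destinations
    for ts, src, dst, dport in flows:
        if segment_of(src) != "iot":
            continue  # only the IoT segment is policed here
        dst_seg = segment_of(dst)
        if ("iot", dst_seg, dport) not in ALLOWED:
            violations.append((src, dst, dport))
            if dst_seg == "enterprise":
                lateral.append((src, dst, dport))  # possible springboard
        if dport in WATCHED_PORTS:
            fanout[(src, ts // WINDOW_SECONDS)].add(dst)
    scanners = {}
    for (src, _window), dsts in fanout.items():
        if len(dsts) >= FANOUT_THRESHOLD:
            scanners[src] = max(scanners.get(src, 0), len(dsts))
    return {"violations": violations, "lateral": lateral, "scanners": scanners}


if __name__ == "__main__":
    report = analyse(parse_flows(SAMPLE_FLOWS))
    for src, dst, port in report["violations"]:
        print(f"ruleset violation: {src} -> {dst}:{port}")
    for src, dst, port in report["lateral"]:
        print(f"IoT to enterprise: {src} -> {dst}:{port}")
    for src, count in report["scanners"].items():
        print(f"scan-like fan-out: {src} reached {count} hosts in one window")
```

In practice the flow records would come from NetFlow or IDS exports for the IoT segment, and the threshold would be tuned against each device type's normal traffic.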
ABOUT DIGITAL14

Delivering trust in a world where cyber risks are a perpetual threat, Digital14 guides clients on their journeys to reach unprecedented heights and navigate what lies ahead in tomorrow’s digital frontier. Digital14, established in 2019, is wholly owned by ADQ, a public joint stock company, holding a diverse portfolio of major enterprises spanning key sectors of Abu Dhabi’s economy. This base provides the ideal platform for Digital14 to accelerate digital advancement and cyber resilience solutions via robust, end-to-end solutions. Whether it is enjoying the freedoms of a protected internet, secure transactions or safe communications – we Protect, Transform and Nurture today so that everyone can flourish with the freedom to achieve their potential, tomorrow. For more information, visit https://digital14.com
REFERENCES

1. https://www.huawei.com/minisite/gci/en/country-profile-ae.html
2. https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html
3. Bou-Harb, Elias, PhD, The Cyber Center For Security and Analytics, University of Texas at San Antonio
4. https://www.strategyanalytics.com/access-services/devices/connected-home/consumer-electronics/reports/report-detail/global-connected-and-iot-device-forecast-update
5. https://www.idc.com/getdoc.jsp?containerId=prUS45213219
6. https://www.zscaler.com/blogs/research/iot-traffic-enterprise-rising-so-are-threats
7. https://www.weforum.org/agenda/2018/10/the-5-biggest-challenges-cities-will-face-in-the-future/
8. https://population.un.org/wup/Publications/Files/WUP2018-Highlights.pdf
9. https://www.osti.gov/servlets/purl/773961/
10. https://www2.deloitte.com/content/dam/Deloitte/tr/Documents/public-sector/deloitte-nl-ps-smart-cities-report.pdf
11. Digital14
12. https://ww2.frost.com/wp-content/uploads/2019/01/SmartCities.pdf
13. https://www.pwc.in/assets/pdfs/publications/2013/smart-governance-and-technology.pdf
14. https://takasolutions.com/blog/advantages-of-owning-a-smart-building/
15. https://www.welivesecurity.com/2019/02/20/siegeware-when-criminals-take-over-your-smart-building/
16. http://www.e-madina.org/wp-content/uploads/2016/11/White-Paper-e-Madina-3.0-Value-Chain-of-Smart-cities.pdf
17. https://www.worldbank.org/content/dam/Worldbank/document/SDN/energy-2013-0281-2.pdf
18. https://www.bearingpoint.com/fr-fr/blogs/blog-energie/risk-of-cyber-security-attacks-on-smart-grid/#_edn1
19. https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/life-sciences-health-care/deloitte-uk-connected-health.pdf
20. https://www.cbc.ca/news/world/cybersecurity-heart-devices-implantable-1.3930997
21. https://local.iteris.com/cvria/html/applications/app43.html
22. http://www.forbesindia.com/blog/who/smart-transportation-a-key-building-block-for-a-smart-city/
23. https://www.theregister.co.uk/2018/03/07/hackers_create_ghost_traffic_jam_to_confound_smart_traffic_systems/
24. https://www.brookings.edu/opinions/why-infrastructure-matters-rotten-roads-bum-economy/
25. https://www.securityweek.com/smart-irrigation-systems-expose-water-utilities-attacks
26. https://www.ibm.com/downloads/cas/B1JZXRZG
27. Digital14
28. Megha Kumar. IDC Whitepaper: Securing Digital Societies of the Future with Trust. (2017 October). [accessed 2019 July 9]
29. https://government.ae/en/about-the-uae/digital-uae
30. https://www.huawei.com/minisite/gci/en/country-profile-ae.html
31. https://government.ae/en/about-the-uae/digital-uae/smart-abu-dhabi
32. https://2021.smartdubai.ae/
33. https://ww2.frost.com/wp-content/uploads/2019/01/SmartCities.pdf
34. Digital14
35. https://ieeexplore.ieee.org/document/8030479/
36. https://www.idc.com/getdoc.jsp?containerId=prUS43994118
37. https://www.ericsson.com/assets/local/mobility-report/documents/2018/ericsson-mobility-report-june-2018.pdf
38. https://www.strategyanalytics.com/access-services/devices/connected-home/consumer-electronics/reports/report-detail/global-connected-and-iot-device-forecast-update
39. https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html
40. https://www.secure-medicine.org/hubfs/public/publications/icd-study.pdf
41. https://media.blackhat.com/bh-us-11/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_WP.pdf
42. https://keenlab.tencent.com/en/2016/09/19/Keen-Security-Lab-of-Tencent-Car-Hacking-Research-Remote-Attack-to-Tesla-Cars/
43. https://www.csoonline.com/article/3218104/what-is-stuxnet-who-created-it-and-how-does-it-work.html
44. https://www.strategyanalytics.com/access-services/devices/connected-home/consumer-electronics/reports/report-detail/global-connected-and-iot-device-forecast-update
45. https://www.gartner.com/en/newsroom/press-releases/2018-03-21-gartner-says-worldwide-iot-security-spending-will-reach-1-point-5-billion-in-2018
46. https://www.gartner.com/en/newsroom/press-releases/2016-04-25-gartner-says-worldwide-iot-security-spending-to-reach-348-million-in-2016
47. https://safenet.gemalto.com/iot-2018/?utm_campaign=iot&utm_medium=press-release&utm_source=-&utm_content=report-2018
48. https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
49. https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
50. https://www.zdnet.com/article/iot-devices-to-generate-79-4zb-of-data-in-2025-says-idc/
51. https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/
52. https://www.zscaler.com/press/zscaler-reveals-enterprise-iot-ecosystem-extends-beyond-corporate-devices-56-million-iot-device-transactions-over-30-days
53. https://www.cpomagazine.com/cyber-security/new-cyberx-report-details-ics-security-vulnerabilities/
54. https://www.zdnet.com/article/mysterious-iranian-group-is-hacking-into-dna-sequencers/
55. https://www.theregister.co.uk/2016/11/09/finns_chilling_as_ddos_knocks_out_building_control_system/
56. https://securelist.com/iot-a-malware-story/94451/
57. http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linux-mirai-just.html
58. https://www.zdnet.com/article/new-echobot-malware-is-a-smorgasbord-of-vulnerabilities/
59. Digital14
60. https://blog.centurylink.com/a-new-phase-of-themoon/
61. https://www.zdnet.com/article/psyb0t-worm-infects-linksys-netgear-home-routers-modems/
62. Digital14
63. https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf
64. https://arstechnica.com/information-technology/2018/05/fbi-seizes-server-russia-allegedly-used-to-infect-500000-consumer-routers/
65. https://securelist.com/apt-slingshot/84312/
66. https://en.wikipedia.org/wiki/VPNFilter
67. https://securelist.com/apt-slingshot/84312/
68. https://www.vice.com/en_us/article/8q8dab/15-million-connected-cameras-ddos-botnet-brian-krebs
69. Digital14
70. https://new.siemens.com/global/en/company/stories/infrastructure/expo-2020-dubai-blueprint-for-smart-cities.html
71. Shodan
72. Shodan
73. Bou-Harb, Elias, PhD, The Cyber Center For Security and Analytics, University of Texas at San Antonio
74. Bou-Harb, Elias, PhD, The Cyber Center For Security and Analytics, University of Texas at San Antonio
75. https://safenet.gemalto.com/iot-2018/iot-security/