Security concerns about Internet of Things (IoT) consumer gear has now spread to smart city speeding cameras. TheNewspaper.com rang alarm bells about the proliferation of connected smart city technology that is vulnerable to hackers.
Kaspersky on smart city speeding cameras
Specifically it reported on worrying Kaspersky Lab research that found a large number of connected speeding cameras deployed in smart city initiatives were easily hackable.
Kaspersky published its results in a paper for a conference that looked at smart city security hazards.
The Russian researchers explored the security vulnerabilities related to smart city technology using the Shodan search engine. They suspected many cities are deploying IoT devices to jump on the smart city bandwagon without fully examining how secure the technology is.
In their research they found many instances of traffic cameras that were vulnerable to hackers, made by vendors like Redflex Traffic Systems.
“We found speedcam IP addresses by pure chance… We decided to check that passwords were being used,” said Vladimir Dashchenko and Denis Makrushin from Kaspersky Lab.
“Imagine our surprise when we realized there was no password and the entire video stream was available to all Internet users. Openly broadcast data includes not only the video stream itself, but additional data, such as the geographical coordinates of cameras, as well.”
A roadmap to hacking a smart city?
Security weaknesses extended into other municipal systems via routers and other equipment used for automated ticketing.
The cause of these vulnerabilities are usually neglectful system administrators often do not set up passwords when installing IoT devices, opening them up to hackers from around the globe.
“Even in not so smart cities, those devices are already processing gigabytes of citizens’ data and unfortunately are not always secure enough to defend against third parties set on manipulating them,” said the Kaspersky researchers.
This follows earlier reports that the U.S. government is increasingly worried that IoT technology harbors lurking security threats, particularly from terrorists. Various government departments had set up initiatives to assessing the threat posed by this new technology, and to find ways to properly combat next-generation terrorism tactics.