Rply for inital post
Discussion 1
Hello Everyone,
Urban population is on the rise worldwide and smart city development project are harnessing the power of the Internet of Things (IoT) to develop more intelligent, efficient, and sustainable solutions. However, digital security investments in smart cities are severely lagging thus seeding the future vulnerabilities of the IoT ecosystem. Smart cities are comprised of a highly complex, interdependent network of devices, systems, platforms, and users. Smart energy, utilities, water and wastage, parking and automotive, industrial and manufacturing, building automation, e-government and telemedicine, surveillance and public safety are just some of the verticals that vendors and governments must secure (Braun, Fung, Iqbal & Shah, 2018).
Smart cities are increasingly under attack by a variety of threats. These include sophisticated cyberattacks on critical infrastructure, bringing industrial control systems (ICS) to a grinding halt, abusing low-power wide area networks (LPWAN) and device communication hijacking, system lockdown threats caused by ransomware, manipulation of sensor data to cause widespread panic (e.g., disaster detection systems) and siphoning citizen, healthcare, consumer data, and personally identifiable information (PII), among many others, explains Dimitrios Pavlakis, Industry Analyst at ABI Research. In this increasingly connected technological landscape, every smart city service is as secure as its weakest link (Braun, Fung, Iqbal & Shah, 2018).
Cloud service powerhouses like Microsoft, security leaders like Entrust Data card and Rambus, cellular communication experts like Sierra Wireless, certification authorities like Global sign, and multi-vertical service providers like Huawei are some of the key vendors providing smart city specific solutions. Lack of cryptographic measures, poor encryption key management, non-existent secure device onboarding services, weaponized machine learning technologies by cyber-attackers, poor understanding of social engineering, and lack of protection versus DDoS attacks are just are some of the key issues contributing to the amplification of cyber-threats in smart city ecosystems (Braun, Fung, Iqbal & Shah, 2018)
References
Braun, T., Fung, B. C., Iqbal, F., & Shah, B. (2018). Security and privacy challenges in smart cities. Sustainable cities and society, 39, 499-507.
Discussion 2
Emerging threats in computer and network are one of the highly debated issues in the modern world. The study of these threats is excellent and enjoyable, not forgetting its importance in ensuring the safety of computers. Let’s discuss this emerging issue using the Critical article analysis of DDoS. First, modern computing facilitated by Internet of Things (IoT) devices has made modern-day life more comfortable across the world. It’s also important as if help in measuring parameters associated with the tools, infer from their result, and more so help to understand and control many of such devices in several application domains (Lohachab & Karambir, 2018). Every device communicates with each other like the Internet of things, thus bringing more productivity. Considering this scenario, the diversity of technologies in use has increased security threats. Internet of Things devices is at times used to generate a powerful distributed denial of service (DDoS) attacks. The attackers use computers to interrupt and block legitimate users and at times, get access to their data.
The article discusses the working mechanism of attackers and outlines commonly used tools in such attacks. The key words include the Internet of things, distributed denial of service attacks, Security, Mirai, and botnet.
Internet of Things (IoT) is a digital ecosystem that provides the capability of inter-connectivity among physical devices (Lohachab & Karambir, 2018). To achieve goals of interoperability among methods using the device to device communication technologies, organizations across the world require the Internet of Things for practical cooperation among themselves. Currently, the number of connected devices exceeds the world population. The issues of security in IoT have been of great concern, industry, and academia have made efforts to overcome these security threats. The reason why attackers have a great interest in IoT devices compared to traditional methods is that they holy ample amount of sensitive data and are vulnerable to simple attack attempts. Manufacturing companies that are involved in making these devices are in a rush to occupy more space in the digital market, thereby having little concern about these vulnerabilities. Shorter passwords, differences in storage formats, data processing methods, security control mechanisms, and data filtering techniques also give rise to various security challenges. This makes it challenging to establish privacy, trust, confidentiality, authentication, and access control in the whole system (Lohachab & Karambir, 2018).
Categories of DDOS attack and networking mechanism; an attacker, mostly execute denial of service (DOS) attack to consume the resources of the service provider so that legitimate user in the network is not able to use those services, suffer delayed responses or experience network failures. Some of the categories of DDoS attacks include;
1. The volumetric attack which involves flooding the communication channel with a tremendous amount of traffic until the victim's bandwidth is saturated (Lohachab & Karambir, 2018).
2. Protocol attacks which involve exploiting vulnerabilities in the network layer and exhausting the processing capabilities of the target service (Lohachab & Karambir, 2018).
3. Application attack, here the attacker attacks a web server or an application by manipulating the seemingly appropriate requests over the application layer (Lohachab & Karambir, 2018).
Lohachab, A., & Karambir, B. (2018). Critical analysis of DDoS—an emerging security threat over IoT networks. Journal of Communications and Information Networks, 3(3), 57-78.