IOT physical attack to be revealed at blackhat
Renowned researcher Billy Rios, founder of WhiteScope will be presenting at BlackHat 2017 in Las Vegas an IoT exploit that may potentially inflict physical harm to humans. As IoT devices are becoming more popular, the stakes of causing physical harm are increasing similarly if the devices fail to meet the required security spectrum.
Billy Rios wrote an exploit that utilizes zero day vulnerabilities in order to strike a person with an IoT device. By bypassing authentication or disabling safety mechanisms, an IoT device could be compromised and used to strike at people in public places. For example, “A robotic arm in a factory can hit you, but people don’t take that seriously because they think that they are only used in manufacturing,” Rios explains. “The attacks I will be discussing are devices that are used in public places and can hit or strike you.”
Although these number of IoT devices that have the ability to inflict physical harm are relatively small in proportion to other IoT devices, we are headed towards a future that will greatly increase these numbers due to a growth in robotics. There are two main problems with IoT, the first one being that the industry is not regulated and the second is having an inadequate scoring system. A vulnerability in a TV could have the same score as a vulnerability in an IoT device capable of causing physical harm. We need to develop a more adequate scoring system that is able to distinguish between virtual and physical harm.