Energy Market Manipulation with High-Wattage IoT Botnets

Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.

Most concerns about vulnerable Internet of Things (IoT) devices have centered on adversaries targeting them to disrupt operations or to assemble large botnets for launching denial-of-service attacks or distributing malware and spam.


In a new spin, researchers at a Black Hat virtual event this week described how certain high-wattage Internet-connected devices such as smart air-conditioners and electric-vehicle (EV) chargers could be used to manipulate energy markets.


According to the researchers, who are from the Georgia Institute of Technology, their studies show that attackers can alter power demand on a grid if they are able to compromise and control a sufficient number of high-wattage IP-connected products. By simultaneously switching on or shutting down tens of thousands of EV chargers, for instance, or smart heaters, ACs, and ovens, attackers can change real-time demand for power enough to affect electricity prices.


"If we can somehow control the total power consumption of the power grid and change it slightly, we should be able to affect real-time systems for electricity market prices," said Tohid Shekari, a doctoral candidate at the Georgia Institute of Technology. If the attacks are carried out in a sophisticated enough manner, the manipulation would be almost unnoticeable, he said.


Shekari provided an example of an attacker with a botnet made up of 100,000 IoT devices, each consuming 3 kilowatts per hour (3,000 watts). If the attacker were to turn the bots on or off for about three hours a day for about eight days a month, it would be enough to trigger a barely noticeable but sufficient change in demand so as to ..
