Concern is rising over hackers using IoT botnets to affect energy markets
Researchers at the Georgia Institute of Technology presented information at the Black Hat Security Conference that suggests high-wattage IoT botnets could be strategically deployed in order to increase demand at certain times in an effort to negatively affect any of the nine private energy markets around the US.
High-wattage IoT devices include things such as air conditioners, car chargers, and smart thermostats.
An effective hacker could stealthily force price fluctuations with the intention of profit, chaos, or both.
In order to demonstrate their hypothesis, the researchers used real, publicly available data from markets in New York and California for one year.
They then studied the fluctuations in both the “day-ahead market” that forecasts demand and the “real-time market” where buyers and sellers correct for forecasting errors and unpredictable events such as natural disasters.
When modeling how much power high-wattage IoT botnets could draw and analyzing the market data, the researchers devised two types of potential attacks that if employed would alter energy pricing.
The researchers also analyzed how far hackers would be able to push their attacks before the malicious activity raised any red flags.
Based on their analysis, the researchers found that much smaller demand fluctuations than might be expected could affect pricing.
In fact, they found that it would take as few as 50,000 infected devices to pull off an impactful attack.
The researchers noted that, “Consumers whose devices are unwittingly conscripted into a high-wattage botnet would also be unlikely to notice anything amiss; attackers could intentionally turn on devices to pull power late at night or while people are likely to be out of the house.”
In terms of cost to consumers whose devices were used in the attack, researchers calculated at most a 7 percent increase in home electric bills, which is likely low enough to go unnoticed.
Attacks that implement this hack could take home as much as $245 million a year and potentially cause a much as $350 million per year in economic damage.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648
