IoT and Smart Cities have become terms we are all too familiar with, but looking at the rate at which they grows, we cannot ignore the growth of the attack areas, writes PAUL WILLIAMS, Country Manager SADC, Fortinet.
Smart cities are being planned the world over. Technology development always goes through two phases for any new discipline: First – tools are developed, and infrastructure is built and enabled. And second – the technology is scaled up. In the case of smart cities, we are in the first phase, where many of the kinks and challenges are still being ironed out.
Here are some examples of services a smart city might provide:
· Coordinated energy control of air conditioners at homes during hot summer days to manage and preserve city power resources
· Directed local discounts in retail and restaurants to avoid city congestion
· An automatic fee for driving a vehicle during highly congested periods
· A smart directed parking app that automatically discounts congestion charges for parking in specific parking lots
· Real-time sensor data to warn citizens affected by allergens and irritants
· Real-time sensor data of standing water for mosquito breeding, etc.
· Vehicle-to-vehicle communication, autonomous driving technology, and infrastructure with embedded sensors to warn of things like imminent traffic jams, construction, best routes for navigation during emergencies, etc. based on real-time traffic patterns.
To enable such services, smart cities will need to deploy plenty of IoT devices and services for metering, sensing, and controlling.
The Attack Surface of Smart Cities
The increase in the size of a smart city’s IoT device footprint corresponds to an increase in the size of its attack surface.
As was seen recently in a series of IoT-based denial of service attacks, IoT devices can be compromised and hijacked into a Shadownet (an IoT-based botnet that can’t be seen or tracked using normal browsers or tools) and controlled by a command and control (C&C) center run by hackers. Alternatively, these devices and services may be attacked in order to deny services to legitimate users.
Here are some examples of what hackers and attackers can do:
· Take control of parking, traffic lights, signage, street lighting, and automated bus stops, etc. For example, changing highway signs to read “terrorist threat in area” or “danger, toxic spill ahead” could seriously disrupt traffic and cause panic among drivers.
· Direct all cars and buses to a specific area to create congestion and gridlock.
· Disable local transportation, thereby disrupting businesses and services, such as banking, because employees can’t get to work.
· Open causeways to spill sewage and untreated waste water into parks, rivers, and communities.
· Cut off access to drinking water.
· Send fake SMS directing to people to a specific location, such as a targeted business or government agency
· Remotely switching off air conditioners or furnaces during extreme temperature days
· Randomly turning on fire and burglar alarms throughout the city
Increasing the Security in Smart Cities from the Inside
While it’s not possible to secure every possible security breach in a totally connected environment, it doesn’t mean we need to go back to the Stone Age. Instead, it’s possible to take some key initial steps to strengthen the smart city’s security posture and architecture:
· Use strong encryption
· Design systems that have strong protection against tampering.
· Provide strong access control, authentication, and authorization
· Maintain detailed logging of activities
· Segment services for individual sub-systems, and then aggregate and pool data that you want to make publicly accessible
· Create centralized management, analysis, and control systems through segmented and secured administration channels to troubleshoot problems
· Set baseline standards that trigger alarms or require manual override when thresholds are crossed or anomalous behavior is detected, such as rerouting traffic or disabling water treatment.
Segmentation is the Key
With a complex smart city network, segmentation is the key. For example, the Smart Transportation network needs to be logically segmented from other smart networks, such as user services, websites, or energy networks, etc. This aids in isolating an attacks, and allows for the advanced detection of data and threats as attacks and malware move from one network zone to the other. This also divides the smart city network into security zones, which aids in compliance, monitoring internal traffic and devices, and preventing unauthorized access to restricted data and resources.
Such segmentation will ensure that the majority of the IoT components deployed across the smart city only communicate with those devices and systems they should, and only talk in the protocols they have been assigned. This will also ensure that the interior network doesn’t get hacked and can’t participate in a DDoS attack.
In a similar way, other smart networks in the city can be segmented and isolated from each other, thereby avoiding the spread of malware and reducing the impact of any hacks and attacks. Further, smart cities must make include the ability of IoT equipment to support and control such traffic an essential purchasing requirement.
Increasing the Security in Smart Cities from the Outside: DDoS Attacks
While network segmentation will ensure that the internal network is protected and its integrity and availability are preserved, we need to increase the availability of the smart city’s Internet facing properties. DDoS attacks can be easily used to overwhelm this infrastructure. Depending on the size of the pipe, and expected worst-case scenarios, city IT teams must develop and implement and effective DDoS attack mitigation strategy. This may be comprised of either an over provisioned appliance solution, or a hybrid solution consisting of appliances combined with a cloud based scrubbing center.
An over provisioned appliance solution enables you to manage DDoS attacks that are larger than your normal bandwidth usage. For example, if your normal user traffic is 1 Gbps, develop a plan for a 20 Gbps DDoS attack that includes deploying an appliance to mitigate such attacks, and provision for such potential bandwidth requirements from your service provider. If the actual attack is expected to be larger than your service provider bandwidth, however, you may need a hybrid solution that includes a cloud-based scrubber that works closely with your DDoS appliance solution.
From Smart to Smarter
As time passes, smart cities will become even smarter as they learn from researchers, from each other, and from incidents that are bound to happen.
Acer gaming beast escapes
Acer this week unveiled two notebooks that take portable gaming to new extremes.
Acer unveiled two new Predator Helios gaming notebooks this week at the next@acer global press conference in New York. They include the powerful Predator Helios 500, featuring up to 8th Gen Intel Core i9+ processors, and the Predator Helios 300 Special Edition that includes upgraded specs from its predecessor and a distinctive white chassis. Both feature VR-Ready performance, advanced thermal technologies, and blazing-fast connectivity.
“We’ve expanded our Predator Helios gaming notebook line in response to popular demand from gamers seeking extreme performance on the go,” said Jerry Kao, President of IT Products Business, Acer. “The Predator Helios 500 and Helios 300 gaming notebooks feature Acer’s proprietary thermal technologies and powerful components that, coupled with our award-winning software, deliver unparalleled gaming experiences.”
“The 8th Gen Intel Core i9+ processor for gaming and creation laptops is the highest performance Intel has ever delivered for this class of devices; purpose built for enthusiasts who demand premium gaming experiences whether at home or on the go,” said Steve Long, Vice President and General Manager, Client Computing Group Sales and Marketing, Intel. “Intel and Acer’s long relationship has produced amazing products over the years, and the new Acer Predator Helios gaming notebooks are powerful examples of what’s possible with this unprecedented level of performance.”
Predator Helios 500 is a gaming beast featuring overclocking, 4K 144 Hz panels
Designed for extreme gamers, the Predator Helios 500 is a gaming beast. It features up to overclockable 8th Gen Intel Core i9+ processors and overclockable GeForce GTX 1070 graphics. Intel Optane memory increases responsiveness and load times, while ultra-fast NVMePCIe SSDs, Killer DoubleShot Pro networking, and up to 64GB of memory keep the action going, making the Helios 500 the ideal gaming notebook for graphic-intensive AAA titles and live streaming.
Top-notch visuals are delivered on bright, vibrant 4K UHD or FHD IPS 17.3-inch displays with 144Hz refresh rates for blur- and tear-free gameplay. NVIDIA G-SYNC technology is supported on both the built-in display and external monitors, allowing for buttery-smooth imagery without tearing or stuttering. For those looking for maximum gaming immersion, dual Thunderbolt 3 ports, and display and HDMI 2.0 ports support up to three external monitors. Two speakers, a subwoofer, and Acer TrueHarmony and Waves MAXXAudio technology deliver incredible sound and hyper-realistic 3D audio using Waves Nx.
The Helios 500 stays cool with two of Acer’s proprietary AeroBlade 3D metal fans, and five heat pipes that distribute cool air to the machine’s key components while simultaneously releasing hot air. Fan speed can be controlled and customized through the PredatorSense app.
A backlit RGB keyboard offers four lighting zones with support for up to 16.8 million colors. Anti-ghosting technology provides the ultimate control for executing complex commands and combos, which can be set up via five dedicated programmable keys.
Acer’s PredatorSense app can be used to control and monitor the notebook’s vitals from one central interface, including overclocking, lighting, hotkeys, temperature, and fan control.
Predator Helios 300 Special Edition brings a sophisticated design twist to gaming notebooks
Acer’s budget-friendly Helios 300 gaming line sees the addition of a Special Edition model featuring an all-white aluminum chassis accented with gold trim, an unusually chic design for gaming notebooks.
The Helios 300 Special Edition (PH315-51) allows for ultra-smooth gameplay via its 15.6-inch FHD IPS display with an upgraded 144Hz refresh rate. The rapid refresh rate shortens frame rendering time and lowers input lag to give gamers an excellent in-game experience. It’s powered by up to an 8th Gen Intel Core i7+ processor, overclockable GeForce GTX 1060 graphics, up to a 512 GB PCIe Gen 3 NVMe solid state drive, and up to a 2 TB hard disk drive.
The Helios 300 Special Edition also comes equipped with up to 16 GB of DDR4 memory, and is upgradable to 32GB. Intel Optane memory speeds up load times of games and applications, access to information and improves overall system responsiveness. In addition, Gigabit Ethernet provides fast wired connections, while Gigabit Wi-Fi is provided by the latest Intel Wireless-AC 9560 that delivers up to 1.73Gbps throughput when using 160 MHz channels (2×2 802.11ac, dual-band 2.4GHz and 5GHz).
The Helios 300 Special Edition also includes two of Acer’s ultrathin (0.1 mm) all-metal AeroBlade 3D fans designed with advanced aerodynamics and superior airflow to keep the system cool. They can be controlled with Acer’s PredatorSense app, which offers three usage modes:
1. Coolboost mode:
For heavy loading games, rendering, streaming, and extended video consumption
2. Normal mode:
For productivity tools like Microsoft Office
3. Silent mode:
For web browsing and online chatting
Price and Availability
Predator Helios 500 will be available in South Africa in June starting at R34 999.00
Helios 300 Special Edition will be available in South Africa in August 2018. Exact Price will be communicated closer to the time.
LG G7 arrives in SA
LG this week introduced South Africa to its latest premium smartphone, the LG G7 ThinQ, focused on bringing useful and convenient AI features to the smartphone experience.
Powered by the latest Qualcomm Snapdragon 845 Mobile Platform, the LG G7 ThinQ offers 4GB of RAM and 64GB of internal storage to run demanding tasks and apps with. It is equipped with a 6.1-inch Super Bright Display, but the LG G7 ThinQ remains compact enough to use with one hand.
Sporting a new design aesthetic for the G series, the polished metal rim gives the LG G7 ThinQ a sleeker, more refined look, complemented by Gorilla Glass 5 on both the front and the back for enhanced durability. Rated IP68 for dust and water resistance, the LG G7 ThinQ is also awarded MIL-STD 810 c certification, having been subjected to a range of extreme temperature and environment tests designed by the United States military.
The LG G7 ThinQ has an 8MP camera up front, rendering clear and natural selfies, with two 16MP cameras at the back that deliver higher resolution photos with more detail, as well as a Super Wide Angle configuration.
As with other leading brands, LG has evolved its signature camera by including AI functionality. The AI CAM offers 19 shooting modes for intelligence-optimised shots. Users can also improve their photos by choosing from an additional three effect options should the AI CAM recommendation not suit their taste.
The new Super Bright Camera captures images that are up to four times brighter than typical photos shot in dim light. Through the combination of pixel binning and software processing, the AI algorithm adjusts the camera settings automatically when shooting in low light.
Live Photo Mode records one second before and after the shutter is pressed for snippets of unexpected moments or expressions that would normally be missed. Stickers uses face recognition to generate fun 2D and 3D overlays, such as sunglasses and headbands, that can be viewed directly on the display.
New to the G series is Portrait Mode, which generates professional-looking shots with out-of-focus backgrounds. This effect can be generated using both front and rear standard lenses as well as the rear Super Wide Angle lens.
LG G7 ThinQ offers further AI functionality with the inclusion of Google Lens features. Google Lens is a new way to search using the AI and computer vision. Google Assistant and Google Photos allow users to access more information on objects such as landmarks, plants, animals, and books. It can identify text or visit websites, add business cards to contacts, events to the calendar or look up an item on a restaurant menu.
A button just below the volume keys launches the AI functionality. A single tap of this button launches the Google Assistant, while two quick taps launches Google Lens. Users can also hold down the button to start talking to the Google Assistant without the repetition of the OK Google command.
With Super Far Field Voice Recognition (SFFVR) and the highly-sensitive G7ThinQ microphone, the Google Assistant can recognise voice commands from up to five meters away. SFFVR is able to separate commands from background noise, making the LG G7 ThinQ an alternative to a home AI speaker, even when the TV is on. Commands for the Google Assistant have been increased in the LG G7 ThinQ so users can get more done with their voice alone.
“The LG G7 ThinQ is strongly focused on the fundamentals and its launch marks a new chapter for our company,” said Deon Prinsloo, General Manager for Mobile Communication, LG Electronics S.A Pty Ltd. “Through the combination of personalised and useful AI functionalities with meaningful smartphone features, this is LG’s most convenient and in the moment smartphone yet.”
- Mobile Platform: Qualcomm Snapdragon 845 Mobile Platform
- Display: 6.1-inch QHD+ 19.5:9 FullVision Super Bright Display (3120 x 1440 / 564ppi)
- LG G7 ThinQ: 4GB LPDDR4x RAM / 64GB UFS 2.1 ROM / MicroSD (up to 2TB)
- Rear Dual: 16MP Super Wide Angle (F1.9 / 107°) / 16MP Standard Angle (F1.6 / 71°)
- Front: 8MP Wide Angle (F1.9 / 80°)
- Battery: 3000mAh
- OS: Android 8.0 Oreo
- Size: 153.2 x 71.9 x 7.9mm
- Weight: 162g
- Connectivity: Wi-Fi 802.11 a, b, g, n, ac / Bluetooth 5.0 BLE / NFC / USB Type-C 2.0 (3.1 compatible)
- Colours: New Aurora Black
- Others: Super Bright Display / New Second Screen / AI CAM / Super Bright Camera / Super Far Field Voice Recognition / Boombox Speaker / Google Lens / AI Haptic / Hi-Fi Quad DAC / DTS:X 3D Surround Sound / IP68 Water and Dust Resistance / HDR10 / Google Assistant Key / Face Recognition / Fingerprint Sensor / Qualcomm Quick Charge 3.0 Technology / Wireless Charging / MIL-STD 810G Compliant / FM Radio