Energy Market Manipulations Using IoT Botnets
The Dark Reading recently interviewed Tohid Shekari, a Ph.D. candidate at Georgia Tech, concerning his work with Raheem Beyah about using the IoT botnets in a stealthy way for manipulating the energy markets.
According to Tohid, IoT botnets have been recently used to attack the auto domains. The attacks started to emerge in the field of cybersecurity only recently, and the first attack reported in the category is the Mirai service attack using the Mirai Botnet.
Some USENIX study papers have also been studying using high wattage IoT botnets to take down the grid and cause black-outs in the entire system. The idea was inspired by a Hollywood movie, “The Wolf of the Wall Street,” wherein Jordan Belfort makes millions of dollars by manipulating the market. This got the researchers thinking to derive a more constructive way of using the botnet attack.
Basis
The attack’s concept is based on the relation of energy and energy consumption with the IoT botnets. The power grid consumption can be manipulated using high wattage IoT devices such as water geysers, treadmill, air purifiers, etc. and leveraged by the attackers to gain unauthorized access to manipulate the consumption charts.
The attacks take place mainly by two types of attackers. One is the attacker whose primary goal is to maximize profits. They work for manipulating the markets for their own financial motives.
Another one is a Nation-State attacker who could be a part of the trade or the cold world. Such an attacker tries to target specific companies or market players to maximize their financial damage. The motive is mainly revenge or competition.
Implementation
To successfully implement such attacks, the attackers take over the control of several IoT devices so that the users do not get suspicious. The attackers need to have access to the market’s historical data and real-time information about the market. This type of data is generally available online without much hassle. After the data is accessed, the attacker will monitor real-time market price and energy consumption to manipulate the market.
Usually, the market operators draw statistics to determine the market conditions with a 5-10% margin for errors. The market demand is changed slightly, not too much, not to draw suspicion but enough to bring the required changes in the prices. This slight change is within the range of the errors the market operators make room for. The attackers use observance and statistical analysis to determine the amount of change to be made not to get caught.
Mitigation
On being asked about the ways to mitigate the issue, Tohid said that these types of attacks might have been known earlier and have been in use without any information. So, in order to control the issue, the historical market data and the real-time market information must not be shared publicly but just to the involved stakeholders.
He also proposed that the IoT vendors must be convinced to build an online database to monitor the behavior of the IoT devices. Currently, only 1% of the devices are registered, making it almost impossible to monitor and prevent such attacks in the future. At last, he emphasized further research in the field to develop more ways of mitigating the issue.
