Cyber threats are one of the most important tasks IT is faced with today. Cyberattacks put sensitive and private data at rick of being hacked and stolen. These cybersecurity threats can affect anything connected to wireless internet, including lighting control systems. The Pacific Northwest National Laboratory (PNNL) created a report on cybersecurity threats on lighting systems for the Department of Energy (DOE). This report identifies threats that lighting control systems face against cyber attackers, how they can get into cyber systems, and how to prevent them.
There are a few common threats that cyber security faces when dealing with digital threats. The team modeled a premise for the most common and high priority threats against cyber security called STRIDE. Spoofing, Tampering, Repudiation, Information, Denial, Elevation.
- Spoofing identities are when someone is impersonating themselves by pretending to be a person, service, or website to gain access to their systems.
- Tampering is when the attacker changes or modifies the data with malicious or false code.
- Repudiation is when they claim they have not performed an action. For example, an attacker might claim they did not order an item when they did.
- Information disclosure which threatens the confidentiality of a website. This is when someone reveals information to someone who is not authorized to see it.
- Denial of services examples are crashing websites or rerouting packets.
- Lastly, Elevation of privileges is when someone gains access without proper authorization.
The way that these hacks can be prevented is with extra authentications for signing into computers and programs. Some of these attacks have different rankings of priority. Most people scale spoofing, information disclosure and elevation of privilege as highest priority meanwhile tampering is scaled as a medium priority. These threats can be managed by the manufacturers by developing techniques to take extra protections such as encryptions and firmware. Wireless lighting control systems can remain safe from attacks with proper precautions by IT professionals.