We’ve all heard of or experienced computer security problems with our computers and perhaps, even PLCs and your SCADA system. Ranging from viruses chomping your database to sophisticated denial of service attacks on your industrial and office network from someone based in the depths of West Waziristan.

Dear Colleagues, 

We’ve all heard of or experienced computer security problems with our computers and perhaps, even PLCs and your SCADA system. Ranging from viruses chomping your database to sophisticated denial of service attacks on your industrial and office network from someone based in the depths of West Waziristan. 

The Horrors of Phishing and Ransom ware
Other variations of attacks included ‘phishing’ which is to con you into revealing your account details and passwords. Oddly enough, even highly intelligent people get fooled by this and often keep quiet about their losses because of the extreme embarrassment. Another recent one is ‘ransomware’ where one of your databases or server is encrypted and you have to pay money to have it restored. 

The Internet of Things (IoT) has Arrived
We now have the new scenario of everything (“All things bright, beautiful and small” perhaps – if I can remember my nursery rhymes) being connected to the internet accessing data. This ranges from your car, home alarm and energy management system, insulin pumps for a diabetic, TV, VCR player to the parking meter.
Which, naturally enough, makes these all a great target for malicious hackers.

Disable your Car’s Brakes on the Freeway
Researchers have shown how a remote hacker can knock out the brakes of your new car and indeed, disable the power steering. In the earlier times, it required a computer to be connected to your car’s computerised management system. However this can be done wirelessly now. 

Crash Your Jeep Remotely
A particularly alarming and recent demonstration was with research hackers remotely accessing a Jeep Cherokee with a mobile phone from a few kms away and successfully cutting its engine out and applying brakes causing it to lurch into a ditch besides the road. This would affect 470,000 vehicles. The manufacturers have issued a software update.

Control a Diabetic’s Insulin Drug Pump
Another demonstration of hacking was to take control of an insulin drug pumps and to alter the dosage for a diabetic.  Perhaps killing her.

Little Experience makes for a Dangerous Situation
Most manufacturers of these devices which are slowly being connected to the internet (through the so-called Internet of Things or IoT) have little experience with computer security issues – often coming from a manufacturing or mechanical background. So are extraordinarily vulnerable.

Where to from here?
I believe it is vital today to assume everything is vulnerable to a hack-attack and to consider the consequences carefully and to follow my old rule (Thanks Robert De Niro): ‘When there is any doubt, there is no doubt’. 

Certainly, if your refrigerator is hacked it is probably not a major problem; but if your car is subverted this is indeed critical. Similarly, if some hacker is monitoring your energy usage of your home energy management system to determine when you are away on holidays – this could also be a cause for concern.

Thanks to the Economist for an interesting article entitled: Cyber-Security Their Own Devices.

Robert C. Solomon makes a good comment about the dangers of trusting things which are familiar to us: We also confuse trust with familiarity.

Yours in engineering learning,

Steve 

Mackay’s Musings – 14th July’15  #573
125, 273 readers – www.idc-online.com/blogs/stevemackay