In 1999 a technology manager called Kevin Ashton coined the phrase “The Internet of Things”.
It was to convey the fact that not everything connected to the Internet generates data via humans tapping on keyboards. Today, these “things” now include elements of our critical national infrastructure via what are called SCADA (Supervisory Control And Data Acquisition) systems or ICS (Industrial Control Systems). Unfortunately, these systems can be just as vulnerable to attack as our laptops.
Security through obscurity has helped to protect these systems until recently as they are not obvious to regular Internet users. However, there is no longer anywhere to hide. Many know that search engines such as Google, if queried in using “advanced operators”, can reveal exposed equipment. This became even simpler with search engines such as Shodan which are specifically to help locate exposed webcams, routers, etc but which can just as easily reveal SCADA systems.
Lack of direct connection to the Internet is no guarantee of security either. More often than not, unprotected control systems can be reached indirectly using the “swivel chair interface” where a human can be convinced to transfer something from the Internet to automated systems, or vice versa.
In 2010 we saw how even the most secure “air gap” can be breached when the Iranian nuclear reprocessing plant at Natanz was infected with the Stuxnet virus. This appears to have been achieved when an operator plugged in an infected USB stick to an isolated PC that was used to communicate with the embedded computers that controlled and reported upon the centrifuges producing enriched uranium. The Stuxnet virus simultaneously caused the centrifuges to malfunction whilst reporting that all was well to the operators. Leave a USB stick lying around with what looks like a free game, and you’d be surprised how many users will plug it into the nearest computer.
Since this incident there has been a growing realisation that various elements of a critical national infrastructure are similarly vulnerable. They use similar, if not identical, embedded computer systems as were used at Natanz. The initial thought was one of defending the realm against foreign aggressors. After all, it was an obvious way to cripple a country without firing a physical shot. Why launch missiles if you can switch out the lights and turn off the water. It’s cheaper too. So much so that this form of attack has become a great leveller, allowing small nations to potentially punch well above their weight.
For a while there were detractors who have said that this type of threat is nonsense, and that it simply could not happen. However, tests were already being conducted at research institutes such as the Idaho national laboratories (known as Aurora) by the time Stuxnet was released. Such tests showed that access to these SCADA systems could not only turn off equipment that we all rely upon but it could cause the equipment to self-destruct.
Hence, embedded computing needs to be kept updated and have protection just as much as the computers with which we are all more familiar. Unfortunately, keeping embedded computers updated can be problematic. Perversely, although they may be vulnerable to remote attacks, updating their software (known as firmware if it cannot be accessed routinely by a remote computer) can require visits to the physical devices. This takes time and effort, and when coupled with a history of complacency about their risk of attack, many systems remain vulnerable for significant periods after a vulnerability is reported.
The Latest Bing News on:
Intelligent Infrastructure
- Banks need AI infrastructure to deepen transformation, say global lenderson April 27, 2024 at 7:01 pm
the financial industry must invest in artificial intelligence infrastructure to remain competitive and transform their businesses.
- A Once-in-a-Generation Investment Opportunity: 1 Artificial Intelligence (AI) Stock to Buy Now and Hold Foreveron April 27, 2024 at 11:00 am
In the midst of AI euphoria, Microsoft sent shock waves throughout the tech sector following a multibillion-dollar investment in OpenAI -- the start-up behind ChatGPT. Since partnering with OpenAI, ...
- DHS launches safety and security board focused on AI and critical infrastructureon April 26, 2024 at 10:07 am
The Department of Homeland Security on Friday announced the creation of its new Artificial Intelligence Safety and Security Board. The formation of the group comes as the department ramps up its focus ...
- How IBM is helping orgs future-proof storage infrastructure while controlling costson April 26, 2024 at 8:07 am
Audrey O'Donnell discusses how IBM's new storage contract, Storage Assurance Perpetual, helps customers save costs and prioritize innovation with theCUBE.
- 1 Monster Artificial Intelligence (AI) Growth Stock Up 45,900% in 20 Years to Buy Now, According to Wall Streeton April 26, 2024 at 1:44 am
Nvidia stock produced life-changing returns over the past two decades, but Wall Street analysts still see upside for shareholders.
- Bitcoin Miners Upgrade Infrastructure, Embrace AI To Prepare For Dip In Revenue After Halving (CORRECTED)on April 24, 2024 at 10:50 am
This story has been updated to correct a quote from Bitdeer CSO Haris Basit that was mistakenly attributed to another executive. Bitcoin (CRYPTO: BTC) miners are increasingly turning to artificial ...
- Fortra advances cybersecurity defense with expanded threat intelligence capabilitieson April 23, 2024 at 10:54 am
New features include high-fidelity threat intelligence with timely, curated data. “Security teams use this trusted, high-fidelity intelligence to address blind spots in their own data and supplement ...
- The Hivemind Working Toward Resilient Intelligent Teamson April 23, 2024 at 5:23 am
Discover how Nathan Michael, CTO of Shield AI and former Associate Research Professor at Carnegie Mellon University’s Robotics Institute, is leading the charg ...
- Forget Nvidia: Billionaires Are Selling It and Buying These 2 High-Octane Artificial Intelligence (AI) Growth Stocks Insteadon April 23, 2024 at 2:06 am
Billionaire investors are ditching the "infrastructure backbone" of the artificial intelligence (AI) revolution in favor of two industry-leading, irreplaceable AI stocks.
- The dawn of intelligent and automated data orchestrationon April 23, 2024 at 2:03 am
Enterprise workflows desperately need what iPhone and Android users have enjoyed for years—ready access to files wherever and whenever they’re needed, regardless of where the files are physically ...
The Latest Google Headlines on:
Intelligent Infrastructure
[google_news title=”” keyword=”Intelligent Infrastructure” num_posts=”10″ blurb_length=”0″ show_thumb=”left”] [/vc_column_text]The Latest Bing News on:
Risks of Intelligent Infrastructure
- Banks need AI infrastructure to deepen transformation, say global lenderson April 27, 2024 at 7:01 pm
the financial industry must invest in artificial intelligence infrastructure to remain competitive and transform their businesses.
- Growing concern that artificial intelligence could pose new cybersecurity threatson April 26, 2024 at 9:26 pm
As the capabilities of AI systems increase, so too do the risks of attacks on banks, infrastructure and elections, expects say.
- DHS launches safety and security board focused on AI and critical infrastructureon April 26, 2024 at 10:07 am
The Department of Homeland Security on Friday announced the creation of its new Artificial Intelligence Safety and Security Board. The formation of the group comes as the department ramps up its focus ...
- How IBM is helping orgs future-proof storage infrastructure while controlling costson April 26, 2024 at 8:07 am
Audrey O'Donnell discusses how IBM's new storage contract, Storage Assurance Perpetual, helps customers save costs and prioritize innovation with theCUBE.
- New data reveals growing identity threat risks for organizationson April 25, 2024 at 1:34 pm
For many years, the identity infrastructure has been one of the most neglected elements in enterprise security, and a new report which is based on data from many companies is now showing that identity ...
- Meta Platforms: Balancing CAPEX and Regulatory Risks with Hold Ratingon April 25, 2024 at 1:46 am
In a report released yesterday, Brian Pitz from BMO Capital maintained a Hold rating on Meta Platforms (META – Research Report), with a ...
- Are the magnificent seven at risk of having their wings clipped?on April 24, 2024 at 5:06 pm
Perhaps investors are finally losing patience with the hundreds of billions of dollars being ploughed into artificial intelligence as the world’s leading tech companies vie for supremacy.
- Colorado Springs Utilities explores digging damage prevention with artificial intelligenceon April 23, 2024 at 11:49 am
A live TV news station covering breaking news and traffic for Colorado Springs, Pueblo, and Southern Colorado with a strong investigative team ...
- ZBeta launches innovative Enterprise Security Risk Practice to transform security consulting serviceson April 23, 2024 at 3:26 am
ZBeta, a pioneer in delivering comprehensive physical security consulting services, has announced the launch of its Enterprise Security Risk Practice, setting a new standard in security ...
- Jacobs Solutions: Structural Growth From Infrastructure Modernization And Sustainabilityon April 22, 2024 at 5:36 am
Jacobs is well-positioned to benefit from rising demands for infrastructure modernization and sustainability initiatives. Find out why J stock is a Strong Buy.
The Latest Google Headlines on:
Risks of Intelligent Infrastructure
[google_news title=”” keyword=”Risks of Intelligent Infrastructure” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
