Tag Archive for: Physical

A Hacking Spree Against Iran Spills Out Into the Physical World


In April 2020 hackers infiltrated the systems of an Israeli water-pumping station and tampered with equipment. Individual pumps started malfunctioning as officials scrambled to keep water supplies flowing for millions of people. After the incident, which has been linked to Iran, officials said the damage could have been much worse: They suspect the attack was intended to poison water supplies by increasing chlorine levels. Weeks later, hackers targeted an Iranian port in an apparent act of retaliation.

“This was the first time that a nation responded immediately through the cyber medium for a cyberattack,” says Lotem Finkelstein, director of threat intelligence and research at Israeli cybersecurity company Check Point. The attacks, he says, marked the start of a new wave of hacking against infrastructure in the region, which has disrupted millions of lives.

In the past several months, those strikes have escalated. Fuel supply systems, railway controls, and an airline in Iran have all faced attacks. At the same time, hackers have posted the personal information of a million Israeli LGBTQ dating app users, and exposed certain details about the Israeli army. The skirmishes—which have included physical sabotage and the destruction of facilities—are the latest moves in the decades-long hostilities between Iran and Israel. They’re now spilling further into shadowy acts of digital espionage and disruption.

The attacks worry experts, who say the infrastructure that underpins large parts of daily life should be off-limits for state-sponsored hackers. The US Cybersecurity and Infrastructure Security Agency has set out 16 crucial sectors—including energy, health care, dams, and food—that it believes should be out of the scope of state-sponsored hackers. The attacks also come as Iran restarts nuclear weapons negotiations with world superpowers.

“It seems that this is a case of different actors trying to demonstrate their capabilities in order to basically establish a new kind of balance of power in the region,” says Esfandyar Batmanghelidj, a visiting fellow at the European Council on Foreign Relations think tank, who adds there has been greater diplomacy between countries in…

Source…

Public officials are under physical and digital siege


I am deeply troubled by recent events in which attackers appear to target U.S. diplomats with the purpose of causing them debilitating health symptoms. These symptoms include dizziness, headache, fatigue, nausea, anxiety, cognitive difficulties and memory loss. This illness has been dubbed “Havana Syndrome” because it was first experienced by U.S. State Department personnel stationed in Cuba beginning in late 2016.

We are observing a similar pattern of brazen and sophisticated attacks on our public officials in the digital world. One type of attack we are increasingly seeing involves attackers using “botnets,” large, coordinated groups of compromised computing devices that attackers direct to attack specific targets, often websites. Attackers are now using sophisticated botnets to scrape government websites for the personal information of U.S. officials. The attackers then use the scraped data to blackmail or phish public officials. Artificial intelligence (AI)-controlled bots can hit vast numbers of sites at lightning speeds and enable attackers to target specific individuals who are likely to have access to sensitive government information. If officials are successfully phished, attackers can steal credentials and potentially access sensitive government information and platforms.

We are also seeing a major uptick in the impersonation or takeover of public officials’ social media accounts by bad actors. While an account takeover would be a frustrating nuisance to most of us, the takeover of a high-level public official’s social media account could have real world security or economic impacts.

We saw a hint of how extensive this threat could be last year, when the Twitter accounts of many public figures, including former President Barack Obama and President Joe Biden, were compromised. While attackers only leveraged their position to promote a Bitcoin scam, one could easily see how this could be used for more nefarious and harmful purposes. For example, an account takeover or a convincing impersonation of a Federal Reserve official could potentially result in disinformation that impacts global stock markets.

Solutions that can help mitigate these digital threats…

Source…

Physical World Hacking – the New Frontier of Cybercrime | Kenny Sahr


Cybercrime cost businesses and governments over $1 trillion in 2020, according to security software company McAfee. When we speak of cybercrime, we refer to damage to digital assets – computer files. Cybercrime is quickly moving from the digital world to the physical world.

Our Connected World
Over the past few years, more and more “things” are being connected. Smartphones are connected to the newly-minted smart home via light bulbs and appliances. Factories are adding internet connected parts and machinery. Cars are increasingly run by software. The COVID pandemic is accelerating the trend as people work at home and gain access to physical assets (and not just files) from factories that until recently were “air-gapped” (not connected to networks).

Imagine this scenario: a factory manager has access to a boiler from his home office. He ignores IT cybersecurity rules and a hacker gains access to his laptop. The hacker can theoretically raise the temperature of the boiler and cause damage to physical assets and people.

The Dangers of Hacking the Physical World
Criminal hackers are well aware of the new frontier of physical world hacking. The general public is not. The goal of this article is to inform you of what to expect in the coming years. Cybercrime is dangerous enough today. Adding the element of harming people and “stuff” takes cybercrime to a whole new level. I hope society is ready for the wave that is coming.

Let’s take a quick look at the future of cybercrime.

Automotive Hacking
Imagine hackers capable of distracting drivers. It is enough to generate flashing lights on the dashboard in order to wreak havoc. How about changing code on the software that runs your brakes? Cars are especially vulnerable for two reasons –

1. Cars move fast and can harm drivers, passengers and pedestrians
2. It is not easy to update the software or operating system of a car

The roads are dangerous enough without the added risk of hacking. Furthermore, unlike your phone or laptop, it is not easy to update a car’s software. On our personal devices, it just takes a few clicks in order to fix a vulnerability. For a car, today this translates into a recall – bringing an…

Source…

US Capitol attack a wake-up call for the integration of physical & IT security


Cyber-physical security

Dark Reading

As Capitol rioters stormed the building, photos were released around social media of rioters sitting at the desks of US elected officials. Clearly, this caused serious concerns in the fields of both physical and cyber security. Seth Rosenblatt, Editor-in-chief and founder of The Parallax, an online cyber security and privacy news magazine, discusses how two traditionally disparate security disciplines can be united.

One of the harrowing images to come out of Wednesday’s attack on the US Capitol was a photo posted by a rioter of an open laptop on a desk in US House Speaker Nancy Pelosi’s office. The screen was visible and apparently unlocked, with a warning in a black box that read, “Capitol: Internet Security Threat: Police Activity.”

While it remains unclear whether the laptop allegedly stolen from Pelosi’s office during the attack on the Capitol is the same one that was photographed in an unlocked state, it underscores how physical security and IT security can go hand in hand.

Pelosi’s Deputy Chief of Staff said on Twitter that the stolen laptop had limited access to sensitive documents and was used just for presentations. Even so, security experts expressed concern at the security implications of stolen Congressional computers and devices.

Along with laptops and physical mail that were stolen, the rioters had the opportunity to infiltrate congressional computer systems and networks. Without proper logging of network and system access, a tech-savvy rioter could have done significant harm to congressional computers and systems, points out Dan Tentler, Executive Founder of security testing company Phobos Group.

“Just because an attacker accidentally found themselves in the office of the speaker of the house doesn’t mean that they didn’t have the means to hack Congress,” he says.

Traditionally disparate physical security and IT security operations are integrating awkwardly. As technology rapidly changes and organisations increasingly emphasise IT security, they run the risk of ignoring physical security concerns — and how they can impact on computer devices, systems, and networks. Equally prioritizing physical and IT…

Source…