Risk
9/28/2009
11:36 AM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Hacking Gets Physical

The guilty plea entered into federal court last week, by a contract IT worker, for disrupting a computer system used to monitor off-shore oil platforms shows that illegal hacking is likely to increasingly danger the physical world.

The guilty plea entered into federal court last week, by a contract IT worker, for disrupting a computer system used to monitor off-shore oil platforms shows that illegal hacking is likely to increasingly danger the physical world.In March of this year, the contractor was indicted for allegedly damaging computer systems, after Long Beach-based Pacific Energy Resources, Ltd. (PER) declined to offer the worker a full-time position.

According to a statement issued by the U.S. Department of Justice, the man consulted on the implementation of a system used by PER to electrically communicate and monitor for potential platform leaks.

Then, allegedly disgruntled, the consultant accessed the system without authorization and "caused damage by impairing the integrity and availability of data," according to the indictment. There is no indication of any environmental harm.

In a blog, last month, we covered the warning, from the research team SINTEF Group, an independent Norwegian think tank, to oil companies worldwide that offshore oil rigs are making themselves particularly vulnerable to hacking as they shift to unmanned robot platforms where vital operations are remotely managed. (Read: Hacking Oil Rigs).

And, earlier this year, a number of stories surfaced that highlighted the security dangers surrounding smart meters and the smart grid. As Thomas Claburn wrote in Black Hat: Smart Meter Worm Attack Planned -- smart meters being installed in consumers' homes are susceptible to the same types of attacks as PCs. So are, to some extent, medical devices. And The New York Times reported in March of 2008 in A Heart Device Is Found Vulnerable to Hacker Attacks:

The threat seems largely theoretical. But a team of computer security researchers plans to report Wednesday that it had been able to gain wireless access to a combination heart defibrillator and pacemaker.

They were able to reprogram it to shut down and to deliver jolts of electricity that would potentially be fatal - if the device had been in a person. In this case, the researcher were hacking into a device in a laboratory.

As I either worked in, or covered IT systems as a journalist, since the late 1980s -- one thing has been certain: security efforts lag system usage. It was true with the PC, which had viruses spread by diskettes. It was true with LANs, which saw its share of access control and system vulnerabilities. And those same types of vulnerabilities were only amplified with the advent of the Internet and Web-based applications. Unfortunately, I've little doubt we will see the same trend as "cyber" and physical systems converge.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7421
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

CVE-2014-8160
Published: 2015-03-02
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disall...

CVE-2014-9644
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-201...

CVE-2015-0239
Published: 2015-03-02
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYS...

CVE-2014-8921
Published: 2015-03-01
The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote attackers to capture credentials by c...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.