Home Cyber-Kinetic Security

Cyber-Kinetic Security

Cyber-Kinetic Attacks History
The fact that cyber-kinetic attacks rarely appear on mainstream news doesn’t mean they don’t happen. They happen more frequently than you would think. Many, for various reasons, aren’t even reported to agencies charged with combatting them. This hinders security experts in understanding the full scope and recognizing the trends in this growing problem. We’ll highlight examples of cyber-kinetic incidents and attacks in this chapter. Some were malfunctions that, nonetheless, demonstrated cyber-physical system vulnerabilities. Some were collateral damage from hacking or computer viruses. The vulnerabilities these exposed inspired a growing number of targeted cyber-kinetic attacks in recent years. The Beginning of Cyber-Kinetic...
IEMI
As IoT adoption continues to proliferate, manufactures and adopters are increasingly aware of cybersecurity risks to IoT. Yet, even among the IoT security professionals, one significant potential remote attack vector is often overlooked: intentional electromagnetic interference (IEMI). Electromagnetic interference (EMI) surrounds us – natural causes, such as solar flares and lightning; and man-made sources such as radio and TV broadcasting, radars, microwaves and many others all emit electromagnetic waves that could disrupt operation of electrical and electronic devices. That is, if devices wouldn’t comply with numerous electromagnetic compatibility (EMC) standards which ensure correct operation in common electromagnetic environment and resilience...
Cyber-Kinetic Railway
In their growing efforts to increase efficiencies through digitization and automation, railways are becoming increasingly vulnerable to cyber-kinetic attacks as they move away from strictly mechanical systems and bespoke standalone systems to digital, open-platform, standardized equipment built using Commercial Off the Shelf (COTS) components. In addition, the increasing use of networked control and automation systems enable remote access of public and private networks. Finally, the large geographical spread of railway systems, involving multiple providers and even multiple countries, and the vast number of people involved in operating and maintaining those widespread systems offer attackers an almost unlimited number of attack...
Canada Critical Infrastructure
Targeted cyberattacks against critical infrastructure (CI) are increasing on a global scale. Critical systems are rapidly being connected to the internet, affording attackers opportunities to target virtual systems that operate and monitor physical structures and physical processes through various modes of cyberattack. When people think of cyberattacks, their minds often go first to the financial sector. After all, that’s the type of attack people hear about most frequently; it’s where the money is and it’s what seems most natural for cybercriminals to target. Enterprises frequently focus on such cyber-enabled financial crimes to the point that they give too little thought...
Tangible threat of cyber kinetic attacks
Connecting physical objects and processes to the cyber world offers us capabilities that exponentially exceed the expectations of science fiction writers and futurists of past generations. But it also introduces disquieting possibilities. Those possibilities reach beyond cyberspace to threaten the physical world in which we live and – potentially – our own physical well-being. That's the threat of cyber-kinetic attacks. Our physical world is becoming more connected – which makes it more dependent on the cyber world. Many physical objects around us are no longer just physical, but extend into cyberspace, being remotely monitored and controlled. Increasingly, our factories, cities,...
Wi-Fi Cybersecurity
The Wi-Fi represents wireless technology that includes the IEEE 802.11 family of standards (IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, IEEE 802.11n, IEEE 802.11ac, etc.). Within 50m range, it operates in 2.4 GHz and 5GHz frequency bands,. This technology was developed for wireless networking of computer devices and is commonly called WLAN (Wireless Local Area Network), where the communication is realized between wireless routers typically connected to the Internet and other wireless nodes within its range. In correlation with performances of specific IEEE 802.11 standards, different data rates are enabled and their theoretical throughput is 11 Mbps (IEEE 802.11b), 54 Mbps (IEEE...
Cyber-War
“Cyber war” is a term that is in recent days used so liberally that people may often wonder if these words are as menacing as they sound or used only as a tool to incite fear as a way to control a society that increasingly depends on technology. How we prepare and respond to cyber attacks depends on whether we believe we are in cyber war. It influences how we estimate the risks, potential impacts, or insurance premiums. Preparation for and response to cyber war implies government involvement and that might mean handing over the control of our networks to...
Cyber-Kinetic Timeline
Below is a timeline of key historic cyber-kinetic attacks, system malfunctions and key researcher demos targeting cyber-physical systems (CPS), Internet of Things (IoT) and Industrial Control Systems (ICS) resulting in kinetic impacts in the physical world. I tried to select only those that were first-of-the-kind or that significantly increased general awareness about a particular type of an attack or incident I know that the list is incomplete. That’s where you come in. If you are aware of an incident or a research that demonstrated something new regarding cyber-kinetic threats or helped significantly raise the awareness, please contact me. For a more...
Maritime Cybersecurity
The open seas have long attracted those who yearned for adventure. The risk of pitting oneself against a vast and unforgiving sea has tested sailors’ mettle for millennia. It’s not surprising that the maritime industry is one that thrives on facing – and overcoming – risks. But, as technology increasingly dominates it, growing risks exist that the industry dare not ignore. Its growing effort to increase efficiencies through digitization and automation has made it an inviting target for 21st century pirates whose weapons are not cutlasses, but computers. Vulnerabilities in maritime systems and security practices threaten to inflict huge losses...
5G Critical Infrastructure
Not even 30 years separate us from the end of the Cold War. Yet, we appear to be witnessing the emergence of a new one, a technology Cold War between the United States and China. This time, instead of a ‘red under the bed’, the US government has declared there is one at the back door. It accuses Chinese technology companies of deliberately building vulnerabilities into their tech, allowing the Chinese to access and control the 5G critical infrastructure, and through it the connected devices and machinery at will. Headlines are dominated by the case against Huawei, and debate continues...
Italian Earthquake Risk Management
We have to ask ourselves; at what point does an unexpected outcome via expert prediction justify a prison sentence? Minutes after I delivered cyber risk assessment results to my Italian client, I heard the news – six Italian scientists and a government official have been sentenced to six years in prison over statements they made prior to a 2009 earthquake that killed 309 in the town of L’Aquila in Italy. The offense? Manslaughter. This group was comprised of well-respected members of the National Commission for the Forecast and Prevention of Major Risks which apparently the public had deemed as being able to...
Stuxnet Cyber-Physical Weapon
Stuxnet was the first true cyber-kinetic weapon, designed to cripple the Iranian – and perhaps also the North Korean – nuclear weapon programs. It succeeded in slowing the Iranian program, although it was discovered before it could deal the program a fatal blow. Its significance goes far beyond what it did. It marks a clear turning point in the military history and cybersecurity. Its developers hoped for a weapon that could destroy strategic targets without civilian damage possible in traditional warfare. Instead, it opened the door to cyberattacks that can deliver widespread disruption to the very civilian populations it was...
IIoT 5G Trust Security
When microwave ovens first arrived on the market in 1967 they were met with public skepticism. Perhaps it was because, not long before, the same technology now promising to safely cook consumers’ evening meals was the backbone of a military radar. Perhaps it was the $495 price tag (more than $3,700 in today’s money). Whatever the reason, in the early 1970s the percentage of Americans owning a microwave was tiny. By 2011, it was 97%. What changed? Trust and convenience. When microwave technology was first released, it was difficult to trust. Cooking without using heat? It was simply too alien. In 1973,...
Cybersecurity IoT 5G Cyber-Kinetic Risks
Getting smart about security in smart systems Smart used to be something we called people or pets. It wasn't a term one would use to describe one's hairbrush. That is changing, of course, in an era of accelerating digital transformation. Now we have smart homes, smart cities, smart grids, smart refrigerators and, yes, even smart hairbrushes. What's not so smart, though, is the way the cybersecurity and cyber-kinetic security risks of these systems are often overlooked, and with new horizon technologies like 5G, these problems are set to grow exponentially. Cyber-physical systems and the smartification of our world Cyber-connected objects have become...
Security Standards Regulations Guidelines
Below is my attempt to list of all published 5G, IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know at [email protected]