Cyber-Kinetic Security

Securing Society 5.0 Introduction
A term first coined by the Japanese government, “Society 5.0” describes "A human-centered society that balances economic advancement with the resolution of social problems by a system that highly integrates cyberspace and physical space." The fifth evolution of the society, enabled by the fifth generation of cellular networking and cyber-physical systems, imagines technology, things and humans converging to address some of the biggest societal challenges. The concept encompasses Industry 4.0, Fourth Industrial Revolution, Smart-Everything World and other buzzwords of the moment. In the society of the future the more the cyber and physical worlds are combined, the greater the benefits...
Cyber-Kinetic Railway
In their growing efforts to increase efficiencies through digitization and automation, railways are becoming increasingly vulnerable to cyber-kinetic attacks as they move away from strictly mechanical systems and bespoke standalone systems to digital, open-platform, standardized equipment built using Commercial Off the Shelf (COTS) components. In addition, the increasing use of networked control and automation systems enables remote access of public and private networks. Finally, the large geographical spread of railway systems, involving multiple providers and even multiple countries, and the vast number of people involved in operating and maintaining those widespread systems offer attackers an almost unlimited number of attack...
IoT Cybersecurity Framework Government
The human brain is programmed to keep us safe and secure. Yes, we are separated from the rest of the animal kingdom by our advanced capacities of sense-making and decision-making, but at the core of our grey matter remains some primitive but powerful tech tasked with keeping us alive. If your amygdala senses danger, it makes a split second decision and triggers the fight-or-flight response, flooding your body with hormones like adrenaline that prepare you for battle. This overrides the cortex – the sophisticated part of the brain we rely on for problem-solving and strategic thinking – making it...
5G Connectivity Security
The timeline of human history is marked by inflection points of major technological advancement. The plow, the printing press, the telegraph, the steam engine, electricity, the telephone, the internet: each of these breakthroughs precipitated tectonic shifts in how people lived and worked. Now, in the early part of the 21st century, we stand witness to the birth of a new industrial revolution built on 5th generation cellular technology - 5G network. As the name implies, 5G network follows a developmental chain. First came 1G, the first generation of cellular communication that freed us to make voice calls without being tethered...
Maritime Cyber-Kinetic
The maritime industry faces a not-so-distant future when ships will be completely autonomous, using navigation data that they receive to plot their own courses with only minimal input from shoreside control centers. The efficiencies this could bring are massive, but before this happens, cybersecurity issues must be addressed. Not only are many vessels configured in ways that invite cyberattacks, but security practices also need to be improved before the industry can safely navigate its future. An increasingly digitized maritime industry A fleet of 250 autonomous vessels may launch soon. And that would be only the beginning, according to McKinsey and Co....
Information Security IT Security
Information security and IT security are often used interchangeably, even among InfoSec professionals. The terms are interrelated and often share the common goals of protecting the confidentiality, integrity and availability of information; however, there are significant differences between them. IT security is only concerned with the systems that store, process, transfer and make available electronic data. Information security goes far beyond that. It encompasses classification of information across an organization, information security policies and procedures, physical security aspects, legal protections, HR, awareness, and retention of information, regardless of information format, even when the information is on paper or in employees’ heads. Examples...
Chinese cybercrime
Western publications often picture the People’s Democratic Republic of China (hereafter China) as the world’s chief propagator of cyberattacks. But the picture is much more complex than such broad-brush claims suggest. Few Westerners realize that China and its neighbours in the Greater China region (Taiwan, Macau and Hong Kong) have, over the last few years, become the most technologically advanced region in the world – ahead of the West in the adoption, and in many cases even in the development, of advanced technologies. Countries in the region were always close to the top of the list of victims of cyberattacks. Factors, such...
Cyber-Kinetic Security, IoT Security, OT Security
We live in a world in which the way we observe and control it is radically changing. Increasingly, we interact with physical objects through the filter of what computational systems embedded in them tell us, and we adjust them based on what those systems relate. We do this on our phones, in our cars, in our homes, in our factories and, increasingly, in our cities. Physical objects are so interconnected that we simply take those connections for granted, as if being able to unlock your car by pushing a button on your key fob, unlocking it with your phone or...
Wi-Fi Cybersecurity
Wi-Fi is a wireless technology that includes the IEEE 802.11 family of standards (IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, IEEE 802.11n, IEEE 802.11ac, etc.). Within a 50 m range, it operates in the 2.4 GHz and 5 GHz frequency bands. This technology was developed for wireless networking of computer devices and is commonly called WLAN (Wireless Local Area Network), where the communication is realized between wireless routers typically connected to the Internet and other wireless nodes within their range. Depending on the performance of the specific IEEE 802.11 standard, different data rates are enabled and their theoretical throughput is 11 Mbps (IEEE 802.11b), 54 Mbps (IEEE...
Italian Earthquake Risk Management
We have to ask ourselves: at what point does an unexpected outcome via expert prediction justify a prison sentence? Minutes after I delivered cyber risk assessment results to my Italian client, I heard the news – six Italian scientists and a government official have been sentenced to six years in prison over statements they made prior to a 2009 earthquake that killed 309 in the town of L’Aquila in Italy. The offense? Manslaughter. This group was comprised of well-respected members of the National Commission for the Forecast and Prevention of Major Risks which apparently the public had deemed as being able to...
Cyber-Kinetic
The attacker stepped out from behind a hedge in the upper-class suburban neighborhood, being careful to stay in the shadows. Across the street, the last lights shining through the windows of the house had just flickered out. She tugged the bottom of her black hoodie into place and pulled the hood up over her head, casting her face deeper in shadow. Her target sat in the driveway at the front of the house, a bright red and completely decked out SUV. Glancing up and down the street to ensure no one was looking, she slipped across the street into the...
Social Engineering
Social engineering doesn't have to be just a supporting process to obtain system access; it could be even more dangerous when it is used as the main attack. We, information security defenders, rarely consider that risk. If you think Social Engineering is an effective way to obtain access to systems by exploiting the weakest link – people – you are correct. But not completely correct. Social engineering could be much more than what is being discussed in the media or in social engineering awareness sessions. Social Engineering is the most effective way to: obtain information. It’s a subtle difference, but one...
5G Security Privacy
Don’t let the “5G” in the title confuse you. This post is not only about the telcos’ core networks, but about the 5G security and privacy issues in our (very) near, and very different future that 5G will enable. In the 5G-enabled massive Internet of Things (mIoT) world we’re about to find ourselves in, we are expected to have 1000 devices connected for every person… These devices will be the components of the ‘5G operating system’ for our smart cities, our industry 4.0, our smart homes, smart transportation, smart healthcare, and much more. To enable this future, we will...
5G Critical Infrastructure
Not even 30 years separate us from the end of the Cold War. Yet, we appear to be witnessing the emergence of a new one, a technology Cold War between the United States and China. This time, instead of a ‘red under the bed’, the US government has declared there is one at the back door. It accuses Chinese technology companies of deliberately building vulnerabilities into their tech, allowing the Chinese to access and control the 5G critical infrastructure, and through it the connected devices and machinery at will. Headlines are dominated by the case against Huawei, and debate continues...
Security Standards Regulations Guidelines
Below is my attempt to list all published 5G, IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know at [email protected]