Your World of Legal Intelligence
 Canada | +1 (343) 700 0450

More Devices Gone Wild

Document Cited in Related
Vincent
AuthorJohn Gregory
DateSeptember 16, 2018

A continuing series of interesting ways that things can go wrong with information technology. Previous installments are here and here.

Devices Gone Wild IV: Hacking Critical Infrastructure through the IoT.

Critical infrastructure is of course infrastructure – communications, power, transportation – that we depend on to support how we live: not just our ‘lifestyle’ but often our life itself.

One may ask why infrastructure of any kind is connected to the notoriously vulnerable Internet at all, but it is (in some places) – for reasons of remote monitoring and control, coordination, effectiveness. A good deal of effort is made to keep it secure. Canada has a national strategy and action plan on the topic, updated this year to replace the former three-year plan. President Obama, who cared about such matters, issued wide-ranging Executive Orders and Policy Directives about it.

In the light of all this attention, how will the bad guys break in? It may be through the little things, the add-ons and non-critical, and thus non-criticized, infrastructure of the infrastructure operations – in short, Internet of Things devices to keep the buildings working – the thermostat, the ‘smart’ light switches, whatever.

We have noted before that such devices are often very simple, so simple they have no defences against intrusion, no means to be secured or upgraded, and no patch for long-known bugs and flaws.

Once something is connected to a system, it becomes a point of vulnerability for the whole system. Just as one can attack a car’s operations and steer it off the road by an attack through a tire-pressure valve or a stereo system, or hack into credit card records through a business’s heating and ventilation system, or access high-value gamblers’ records through the casino’s aquarium, so too one can get at the operations of critical national infrastructure through the little devices no one pays attention to.

No one? Well, the FBI is paying attention – and not just to critical infrastructure. The FBI warning here applies to business and personal misuses, and the linked document focuses on consumers’ connecting devices that can compromise home systems as well – including ‘critical’ personal systems like pacemakers and other medical devices.

In short, we all need to be vigilant, and sometimes our systems may be too ‘smart’ for our own good.

Devices Gone Wild V: Algorithms that Cheat

Artificial intelligence (AI) is all the rage these days – competing only against the...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT