1
Our view of what constitutes a safety critical system needs to move from the distant oil rig and refinery, nuclear power station, and occasional reliance on air trac control, to the closer ship, autonomous vehicle, health IoT and drone. These things can present threats not only to security and privacy but to safety too. Maritime cyber needs to catch up with the emerging aerospace industry focus on risks, as bulk carriers can be floating bank vaults (with goods tempting pirates or smugglers), data centres (loaded with data and sensors that can be spoofed or copied), or bombs (given explosive cargo, such as liquid natural gas (LNG). Autonomous or self-driving vehicles, from cars through lorries to even ships, present potential for threats to drivers (on autopilot), passengers, pedestrians and others. Written and machine-learned software algorithms have to not only read and respond to their surroundings accurately, but to make ethical decisions. TV shows have shown bad actors compromising insecure pace makers wirelessly and causing cardiac failure in their host; there are scripts for this sort of attack in the real world. Dosages and readings can be electronically manipulated; beyond privacy exposure of medical data, this could lead to some very serious impacts. Drones have moved from being the INFORMATION SECURITY plaything of advanced military nations, raining death from above, through domestic toys, and then back to tools for search and rescue, emergency response and other good uses. This dual-use brings the potential for good or ill, and controls are needed to protect areas and people. As in many advances, convenience and connectivity bring openness and exposure. This means that it is critical we ensure the safety of such systems. You can follow Gareth on Twitter: @garethniblett As convenience and connectivity breed exposure, cyber criminals are targeting new and previously unseen attack vectors, says Gareth Niblett, Chair of the BCS Information Security Specialist Group. This means that security practitioners and infrastructure managers need to be ever more prepared for an attack. Maritime industry is easy meat for cyber criminals https://blog.kaspersky.com/ maritime-cyber-security/8796 FURTHER INFORMATION doi:10.1093/itnow/bww070 ©2016 The British Computer Society Image: istock.com/cincila DEFINING THE LATEST THREATS September 2016 ITNOW 29

BCS ITNow 201609 - Defining the Latest Threats

Embed Size (px)

Citation preview

Our view of what constitutes a safety critical system needs to move from the distant oil rig and refinery, nuclear power station, and occasional reliance on air traffic control, to the closer ship, autonomous vehicle, health IoT and drone. These things can present threats not only to security and privacy but to safety too.

Maritime cyber needs to catch up with the emerging aerospace industry focus on risks, as bulk carriers can be floating bank vaults (with goods tempting pirates

or smugglers), data centres (loaded with data and sensors that can be spoofed or copied), or bombs (given explosive cargo, such as liquid natural gas (LNG).

Autonomous or self-driving vehicles, from cars through lorries to even ships, present potential for threats to drivers (on autopilot), passengers, pedestrians and others. Written and machine-learned software algorithms have to not only read and respond to their surroundings accurately, but to make ethical decisions.

TV shows have shown bad actors compromising insecure pace makers wirelessly and causing cardiac failure in their host; there are scripts for this sort of attack in the real world. Dosages and readings can be electronically manipulated; beyond privacy exposure of medical data, this could lead to some very serious impacts.

Drones have moved from being the

INFORMATION SECURITY

plaything of advanced military nations, raining death from above, through domestic toys, and then back to tools for search and rescue, emergency response and other good uses. This dual-use brings the potential for good or ill, and controls are needed to protect areas and people.

As in many advances, convenience and connectivity bring openness and exposure. This means that it is critical we ensure the safety of such systems.You can follow Gareth on Twitter: @garethniblett

As convenience and connectivity breed exposure, cyber criminals are targeting new and previously unseen attack vectors, says Gareth Niblett, Chair of the BCS Information Security Specialist Group. This means that security practitioners and infrastructure managers need to be ever more prepared for an attack.

Maritime industry is easy meat for cyber criminals https://blog.kaspersky.com/maritime-cyber-security/8796

FURTHER INFORMATION

doi:1

0.10

93/i

tnow

/bw

w07

0 ©

2016

The

Brit

ish

Com

pute

r So

ciet

yIm

age:

isto

ck.c

om/c

inci

la

DEFINING THE LATEST THREATS

September 2016 ITNOW 29