Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Government

Warning Over 'Panic' Hacks on Cities (bbc.com) 43

Security flaws have been found in major city infrastructure such as flood defences, radiation detection and traffic monitoring systems. A team of researchers found 17 vulnerabilities, eight of which it described as "critical." From a report: The researchers warned of so-called "panic attacks," where an attacker could manipulate emergency systems to create chaos in communities. The specific flaws uncovered by the team have been patched. "If someone, supervillain or not, were to abuse vulnerabilities like the ones we documented in smart city systems, the effects could range from inconvenient to catastrophic," wrote Daniel Crowley, from IBM's cyber research division, X-Force Red. "While no evidence exists that such attacks have taken place, we have found vulnerable systems in major cities in the US, Europe and elsewhere." The team plans to explain the vulnerabilities at Black Hat -- a cyber-security conference -- on Thursday.
This discussion has been archived. No new comments can be posted.

Warning Over 'Panic' Hacks on Cities

Comments Filter:
  • by Joe_Dragon ( 2206452 ) on Thursday August 09, 2018 @12:28PM (#57097454)
  • If making a series of false-flag terrorist attacks against your own citizens just to get elected doesn't make you a supervillain, I don't know what would.

    And that one has been pretty widely proven, not just by Litvinenko but even by ordinary police, identifying the FSB as a culprit.

    Thus, if doing so on own soil is "ok", you can expect anything in a rival country.

    • If making a series of false-flag terrorist attacks against your own citizens just to get elected doesn't make you a supervillain, I don't know what would.

      And that one has been pretty widely proven, not just by Litvinenko but even by ordinary police, identifying the FSB as a culprit.

      Thus, if doing so on own soil is "ok", you can expect anything in a rival country.

      And let me guess, the earth is flat, contrails are spreading mind control agent, the moon landings were staged, am I missing anything else that nutjobs and whackos believe too?

      • Uhm, what? Please tell me what's the connection between Putin repeatedly using such tactics, and often even intentionally going out of his way to sign them (Litvinenko could have been knifed during a "robbery", so could Skripal) -- and random nutjobs?

        If you have doubts about Russian involvement, please for example check IPs of shitposters: there's a remarkable lack of bots from Russia, except of a rare operator error when the connection was directly from Petersburg (but no other part of the country). Or,

  • by gweihir ( 88907 ) on Thursday August 09, 2018 @12:45PM (#57097600)

    Almost all IT security these days is "cheaper than possible" because the people in charge are not able to do risk management. Until there are "reference catastrophes" of sufficient magnitude, they will mistakenly believe they are safe and do nothing. Then they will find out that decades of mismanagement are not easy to fix. It is always the same story. It is always utterly stupid. It is always completely obvious to actual experts what is going on, but nobody listens to them.

    The leadership we have on all levels is not modern, educated, enlightened. It is cave men (and the occasional cave-woman) dressed in suits, full of themselves, greedy, corrupt and utterly incompetent and unsuitable to fill their core responsibilities.

    • by Thud457 ( 234763 )
      And even when we do learn our lesson from hard experience, latter generations ignore the perfectly unmistakable warnings their forefathers left behind [atlasobscura.com]. Apply this wisdom to current events as you see fit.
      • by gweihir ( 88907 )

        Indeed. Most of these "leaders" will repeat history because they are unable to learn from it. The thing that really makes me angry is the sheer stupidity involved.

    • by tlhIngan ( 30335 )

      Almost all IT security these days is "cheaper than possible" because the people in charge are not able to do risk management. Until there are "reference catastrophes" of sufficient magnitude, they will mistakenly believe they are safe and do nothing. Then they will find out that decades of mismanagement are not easy to fix. It is always the same story. It is always utterly stupid. It is always completely obvious to actual experts what is going on, but nobody listens to them.

      The leadership we have on all lev

      • by gweihir ( 88907 )

        A few problems.

        First, you cannot tell the difference between good security and bad security.

        I disagree. The people who can are out there and you can hire them. Not cheap and they will tell you things you will not want to hear. But you can get them to look at your situation, tell you were you stand, and what you need to do to keep that standing or to improve it.

        I do agree (basically summarizing the rest of your points, my apologies), that it also takes real insight to recognize these experts and that hiring them and doing what they recommend is often politically problematic and often actually impos

  • by Anonymous Coward

    1: Flash something to Teslas and other "always-on" vehicles. A lot of vehicles use interference engine designs, so by having those mistime, cylinders will smash into valves, and that is the end of that.
    2: Wait for a natural disaster like a hurricane, or something requiring an evacuation.
    3: Trigger the vehicles to destroy their engines, or just erase their ECM firmware.
    4: ????
    5: Profit.

    It only takes a few vehicles to be disabled from remote as a percentage to render all highways out of a city impassibl

  • by mea2214 ( 935585 ) on Thursday August 09, 2018 @12:52PM (#57097658)
    Anyone is authorized to pull it even if there isn't a fire.
    • by Anonymous Coward

      Anyone is authorized to pull it even if there isn't a fire.

      The fire alarm is open to anyone in the building.

      The flaws discussed here are open to anyone on the Internet.

  • And about a dozen episodes of CSI?

  • "Security flaws have been found in major city infrastructure such as flood defences, radiation detection and traffic monitoring systems."

    What retard connected their city infrastructure directly to the Internet.
  • How many people have actually been seriously harmed or killed by something like what is described in these over-hyped "oh noes we need more security!" (read: give us more money) scenarios? Whatever number you come up with, it will be nothing compared to the damage cause by natural causes - storms, heat, cold, animals, not to mention the stupid things that humans do. I'll put my money towards limiting damage from those things, thank you. I wan't my power company to trim the trees and bury the power lines

Ummm, well, OK. The network's the network, the computer's the computer. Sorry for the confusion. -- Sun Microsystems

Working...