Cyber-attack fatality 'is possible and plausible'

22 January 2013
By James Hayes
Mobile version
Share |
Nachreiner: “Security must not be an afterthought”

Nachreiner: “Security must not be an afterthought”

2013 could be the first year in which a cyber-attack leads to a human death, a Web security expert has warned.

Corey Nachreiner, director of security strategy at security management firm WatchGuard Technologies, argues that the accelerated proliferation of both networked devices and online threats over the next 12 months will create a ‘perfect storm’ of vulnerable connected systems that, if targeted, could increase the chances of a ‘fatal malfunction’.

Networked road vehicles, Internet-ready medical devices, and intelligent buildings are among the emerging connected physical domains that will start to be targeted in 2013 by cyber criminals, hacktivists, pranksters, and other ‘malicious actors’ – including nation states –Nachreiner believes.

“Our lives become more dependent on computing devices every day,” he said. 

“They are increasingly embedded in the infrastructure that provides us with energy and water. 

“And all the time we are actively engaged in connecting all these devices together. 

“Yet some of our most critical systems now suffer from fundamental vulnerabilities.”

Nachreiner warns that with more connected computer components embedded in cars, phones, TVs, navigation aids, and even medical devices, “digitally-dealt death is not only possible, it is plausible… though I hope that I am wrong”.

He also points out that technology now exists for roadside hackers to interfere with satnav tools, causing drivers to make life-threatening driving decisions, for instance, or even hack into automotive systems and cause airbags to inflate. 

Medical systems themselves are also becoming increasingly connected through to public networks, which introduces another range of vulnerabilities, says Nachreiner: 

“Recently, a researcher [at the Breakpoint conference, Melbourne] even showed how to wirelessly deliver an 830V shock to an insecure pacemaker”.

Other scenarios include intelligent buildings, where unauthorised online access to control systems for lifts and escalators could result in people being trapped when in need of urgent medical treatment, or critically injured due to sudden motion stoppages.

“We are connecting around the ‘air gaps’ that used to protect things like industrial control systems, in-building transport mechanisms, and medical systems,” Nachreiner explains.

“Despite the risks, security is often still an afterthought when innovative technical systems are being developed.”

Nachreiner is calling for a more regulated approach to software development, to ensure that insecure coding results in financial penalties for those responsible for flawed software.

Latest Issue

E&T cover image 1607

"As the dust settles after the referendum result, we consider what happens next. We also look forward to an international summer of sport."

E&T jobs

  • Chair in Integrated Sensor Technology

    The University of Edinburgh
    • Edinburgh, City of Edinburgh

    The University of Edinburgh is one of the world’s top 20 institutions of higher education.....

    • Recruiter: The University of Edinburgh

    Apply for this job

  • Principal Electrical Engineer - Power

    BAE Systems
    • Bristol, England / Cumbria, Barrow-In-Furness, England
    • Negotiable

    Principal Electrical Engineer - Power Join our Electrical Power team and help design the self-contained generation and distribution system for the Successor submarine - a new generation of submarine designed to carry the UK's independent nuclear deterrent

    • Recruiter: BAE Systems

    Apply for this job

  • Operations Supervisor (Mechanical/Electrical/Instrumentation)

    National Grid
    • England, Cambridgeshire
    • £33000 - £39000 per annum

    Operations Supervisor - (Mechanical/Electrical/Instrumentation) Salary: Circa £33k - 39k dependant on experience + vehicle and great additional benefits (share scheme, pension, potential bonus).Location: Wisbech - Cambridgeshire We currently have an excit

    • Recruiter: National Grid

    Apply for this job

  • Lead NDT Trainer

    BAE Systems
    • England, Lancashire
    • Competitive package

    Would you like to be involved with training UK and international teams in Non Destructive Inspection (NDI) to support the in service fleet (Typhoon Tornado, and Hawk)?

    • Recruiter: BAE Systems

    Apply for this job

  • Systems Design - Emerging Portfolio

    MBDA
    • Bristol
    • Competitive Salary & Benefits

    What?s the opportunity?   There are fantastic opportunities in Systems Design for engineers to work within Future Systems. These are highly visible, fast paced roles, in...

    • Recruiter: MBDA

    Apply for this job

  • Metering Engineer

    Department for Business, Innovation and Skills
    • Teddington, United Kingdom
    • £24,109 - £27,961 plus EO Electronics PE of £8,090.00

    We are now looking for a Metering Engineer to deliver RD’s In-Service Testing (IST) scheme for gas and electricity meters.

    • Recruiter: Department for Business, Innovation and Skills

    Apply for this job

  • Head of Operational Estates

    Premium job

    The Shrewsbury and Telford Hospital NHS Trust
    • Shrewsbury, Shropshire
    • £46,625 to £57,640 per annum

    As an experienced Estates Manager, you will play a key role in helping to shape the future of the Estates service.

    • Recruiter: The Shrewsbury and Telford Hospital NHS Trust

    Apply for this job

  • Engineering Project Manager - Electrical & Automation

    Nestle
    • York, North Yorkshire
    • c£45,000 + Car Allowance + Bonus + Excellent Benefits

    Nestlé Product Technology Centre in York currently has an excellent opportunity for an Engineering Project Manager

    • Recruiter: Nestle

    Apply for this job

  • Assistant Professor (Tenure Track) of Smart Building Solutions

    Premium job

    ETH Zurich
    • Zurich, Canton of Zürich (CH)

    The successful candidate is expected to develop a strong and visible research programme in the area of control and diagnostics of building systems

    • Recruiter: ETH Zurich

    Apply for this job

  • Process Controls Leader

    Premium job

    Phillips 66
    • Humber Refinery, South Killingholme, North Lincolnshire DN40 3DW
    • £60k - 75k plus extensive Compensation and benefits package, dependent upon experience

    Experienced Process Control Leader providing leadership and technical support for Oil Refinery. Extensive Compensation and benefits package.

    • Recruiter: Phillips 66

    Apply for this job

More jobs ▶

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T