Cyber-attack fatality 'is possible and plausible'

22 January 2013
By James Hayes
Mobile version
Share |
Nachreiner: “Security must not be an afterthought”

Nachreiner: “Security must not be an afterthought”

2013 could be the first year in which a cyber-attack leads to a human death, a Web security expert has warned.

Corey Nachreiner, director of security strategy at security management firm WatchGuard Technologies, argues that the accelerated proliferation of both networked devices and online threats over the next 12 months will create a ‘perfect storm’ of vulnerable connected systems that, if targeted, could increase the chances of a ‘fatal malfunction’.

Networked road vehicles, Internet-ready medical devices, and intelligent buildings are among the emerging connected physical domains that will start to be targeted in 2013 by cyber criminals, hacktivists, pranksters, and other ‘malicious actors’ – including nation states –Nachreiner believes.

“Our lives become more dependent on computing devices every day,” he said. 

“They are increasingly embedded in the infrastructure that provides us with energy and water. 

“And all the time we are actively engaged in connecting all these devices together. 

“Yet some of our most critical systems now suffer from fundamental vulnerabilities.”

Nachreiner warns that with more connected computer components embedded in cars, phones, TVs, navigation aids, and even medical devices, “digitally-dealt death is not only possible, it is plausible… though I hope that I am wrong”.

He also points out that technology now exists for roadside hackers to interfere with satnav tools, causing drivers to make life-threatening driving decisions, for instance, or even hack into automotive systems and cause airbags to inflate. 

Medical systems themselves are also becoming increasingly connected through to public networks, which introduces another range of vulnerabilities, says Nachreiner: 

“Recently, a researcher [at the Breakpoint conference, Melbourne] even showed how to wirelessly deliver an 830V shock to an insecure pacemaker”.

Other scenarios include intelligent buildings, where unauthorised online access to control systems for lifts and escalators could result in people being trapped when in need of urgent medical treatment, or critically injured due to sudden motion stoppages.

“We are connecting around the ‘air gaps’ that used to protect things like industrial control systems, in-building transport mechanisms, and medical systems,” Nachreiner explains.

“Despite the risks, security is often still an afterthought when innovative technical systems are being developed.”

Nachreiner is calling for a more regulated approach to software development, to ensure that insecure coding results in financial penalties for those responsible for flawed software.

Latest Issue

E&T cover image 1604

"Should the UK's engineers be in or out of Europe? The IET sets out its official position on the EU referendum this week - will you agree?"

->

E&T jobs

  • Managing Estimator - Project Controls

    National Grid
    • Warwickshire, England
    • £57 - £65 per annum

    Managing Estimator - Warwick - National Grid Salary: £57-65k plus excellent benefits including: Performance Bonus, a generous pension scheme, flexible benefitsLocation: Warwick (CV34 6DA) - West Midlands We currently have an exciting opportunity for a

    • Recruiter: National Grid

    Apply for this job

  • SAP TEAM MANAGER GENERAL ENQUIRIES

    SSE
    • Melksham, Swindon or Oxford
    • £33,520 TO £44,269 + CAR (SSE7) DEPENDING ON SKILLS AND EXPERIENCE

    An exciting opportunity has arisen for an Overhead Tower Line Manager within Power Distribution covering Southern England.

    • Recruiter: SSE

    Apply for this job

  • Principal Engineer - Submarine Operability

    BAE Systems
    • Cumbria, England, Barrow-In-Furness
    • Competitive package

    As a Principal Engineer - Operability, you will be using your knowledge of submarine systems operation to influence the way the systems are designed, ensuring the Royal Navy personnel will be able to operate the system effectively

    • Recruiter: BAE Systems

    Apply for this job

  • OVERHEAD TOWER LINE MANAGER

    SSE
    • Southern England
    • SALARY £42,149 - £62,427 + CAR (SSE9/10) DEPENDANT ON SKILLS AND EXPERIENCE

    An exciting opportunity has arisen for an Overhead Tower Line Manager within Power Distribution covering Southern England.

    • Recruiter: SSE

    Apply for this job

  • Electrical Engineer - Water

    Premium job

    Mott MacDonald
    • Peterborough, Cambridgeshire

    Mott MacDonald's highly successful Water and Environment Unit is recruiting an electrical engineer....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Electrical Design Engineer

    Premium job

    Mott MacDonald
    • Cambridge, Cambridgeshire

    Mott MacDonald's highly successful water business continues to win and deliver a fantastic amount of work....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Senior Programme Manager

    Network Rail
    • England, London
    • £76800 - £86400 per annum

    Do you possess a track record of taking the lead on large projects?

    • Recruiter: Network Rail

    Apply for this job

  • Professor and Head of the Department of Electrical and Computer Systems Engineering

    Monash University
    • Australia (AU)

    Shape the future direction of a Department which is currently involved in ground breaking innovative research

    • Recruiter: Monash University

    Apply for this job

  • Rail Engineer

    Frazer-Nash Consultancy Ltd
    • Burton, Dorking, Glasgow
    • £ Competitive + Benefits

    Some of the most exciting infrastructure projects in the UK over the coming years are in rail.

    • Recruiter: Frazer-Nash Consultancy Ltd

    Apply for this job

  • Electrical Power & HV Engineers

    Frazer-Nash Consultancy Ltd
    • Bristol, Burton, Glasgow, Gloucester, Plymouth, Warrington
    • £ Competitive + Benefits

    Frazer-Nash is currently embarking on a period of significant growth of our electrical, electronics, control and instrumentation capability.

    • Recruiter: Frazer-Nash Consultancy Ltd

    Apply for this job

More jobs ▶

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T