Will Automation Cause more #Cybersecurity Problems?

There seem to be lots of attention to ‘new’ automation in many areas of our lives.

Atlantic Story: ” the Parts of America Most Susceptible to Automation”

Notice that no one is interested in Cybersecurity problems that will be created within this new automated world.

Sometimes Hollywood is looking further ahead than we are, on Season 7 episode 16 ‘Murder by Remote Control’  an “automated house” killed a person because it was programmed to do so in a house that was automated (opens and closes doors, lights and more). the episode played on CBS 2/10/2000.

So 17 years ago Hollywood played an episode that looked unrealistic at the time. I am not here to discuss the viability of the episode or the cast/show etc. I am here to discuss what can go wrong as we automate more and more aspects of our lives. Today we also call these devices IoTs (Internet of Things) where these devices power on and off lights and alarms, doors and others.

what happened in the episode could happen today with a hacker controlling your IoTs which are controlling  heating and air conditioning to make your life in the house unbearable and maybe even dangerous (depends on the add-ons you installed) and although it may not be dangerous yet, but it may be in the future.

On TV (which is visual) the computer system is shown at it’s control screen where one can see the cameras and make adjustments, this control screen may be replicated by a remote hacker (ransomware) today.

The Atlantic story was trying to find economic regions which are most likely to see automation:

(image from Atlantic Article). You can see that the major metropolitan areas seem to be more likely to have concentrations of automation as an estimate this may be accurate.

But what is a glaring omission in this article?

Cybersecurity

This is the paragraph concluding the article:

 

The work by Moenius and his colleagues suggests that this divergence will only continue. While a handful of cities with good jobs and highly educated workers will continue to thrive, other areas are going to see more and more jobs disappear as automated technologies become ever better. This may have much wider implications, politically and socially. People in America’s struggling regions feel left behind economically, as the 2016 election indicated.

It is not surprising that Cybersecurity is not on the radar of most people,  and will not be until they experience it for themselves, or at least it is simplified to their level.

As I have discussed in many blogposts until there are concrete reasons like compliance or experiences with Cybersecurity events there is no mention of disaster recovery or other ‘potential’ calamities. IT is supposed to handle this.

I believe the owner/ managing person needs to be aware of a minimal set of standards like making backups and ensuring they work. defending against cyberattacks.

The problem is there are many compliance levels which are not good enough in some cases.  So what is a small business to do? This image is the problem:

With minimal Cybersecurity standards one can defend and ensure the viability of the business. Even when automation creates an even greater reliance on technological advances with computing devices.

Here are a few cybersecurity automation examples from a 3 year old defcon video:

https://www.youtube.com/watch?v=h5PRvBpLuJs

“Hack all the things 20 devices in 45 minutes”

There were many Android devices from GoogleTV  to standard routers, embedded multi media, file storage devices, smart refrigerators, blu-ray devices, cloud connectivity devices, printers, baby listening devices,  and devices that control on-off states of electrical appliances in a home.

The devices in our homes are not automated yet, because we have not dreamed up enough uses but the video hcked them all using UART mostly as a way into the hardware. The end result was almost always the same – full exploitation, allowing many full admin rights and allowing other code to be run than from what the manufacturer wanted to produce.

As usual, in many cases the root password was simple and in plain text on the system.  It is obvious to me that Cybersecurity is not important at this time.

So in the coming days Fixvirus.com and Oversitesentry will propose a solution to this dilemma.

Advertisements