YOUR FRIENDS' ACTIVITY

    Deadly Device Hacks May Be Coming Soon

    By Sue Marquette Poremba, TechNewsDaily Contributor | LiveScience.com – Wed, Jan 16, 2013

    Last March, the online humor magazine Cracked listed computer hacks that seemed like they could have happened only in the movies — but actually did in real life.

    Among them were hacking an ATM to spit out extra cash, causing traffic jams by messing up stoplights, stealing a car with a cellphone, hijacking a TV signal and hacking into the school computer to change student grades.

    Unfortunately, the eye-opening revelations in the Cracked story are just the tip of the iceberg. We've reached a point where we need to face the reality that if something is connected to a network, hackers will find a way to manipulate it.

    An ATM or a traffic signal might not be too much of a stretch for the imagination, but are you prepared for your refrigerator to be hacked? What about your pacemaker?

    Brave new world

    Every year, security experts predict the trends to watch out for in the coming 12 months.

    Derek Manky, a senior threat researcher at FortiGuard Labs, a division of Fortinet in Sunnyvale, Calif., predicts that in 2013 we'll see machine-to-machine (M2M) communication attacks.

    M2M communication refers to technologies that let both wireless and wired systems "talk" to other devices of the same ability.

    The practical possibilities of M2M are inspiring, since it may remove human error from many situations, but there are questions about how to best secure it.

    Manky predicts that this year we'll see an instance of M2M hacking that's not been exploited before, most likely in a way related to national security, such as at a weapons-development facility.

    He said it will likely happen when an attacker poisons information streams that run along the M2M channels, making one machine mishandle the poisoned information, creating a vulnerability and thus allowing unauthorized access.

    "Typically M2M does not exist in consumer environments," Manky said, "but rather in public services that, of course, affect citizens in daily lives. Think things like airports, power, oil and gas, traffic lights, etc.

    "However, with technology like home automation moving forward in the future, we will start seeing M2M become embedded more and more in consumer environments."

    [10 Things You Didn't Know Could Be Hacked]

    Digital mayhem

    If an attacker were able to poison an information stream between systems in one of these environments, Manky said, it certainly could have an impact on daily lives.

    In a typical day, a person might drive his or her car or take mass transit, go through traffic control systems such traffic lights or train switching, and then come back home to disable the security alarm.

    But as M2M communications evolve and malicious hackers adapt their code to infiltrate these systems, the attackers could potentially remotely disable a vehicle's alarm and start the engine, remotely disable a household security system in a break-in attempt or take down a power station's control network in a denial-of-service attack.

    Death by laptop

    We are already seeing hints of potential M2M attacks. Researchers have been wirelessly hacking into pacemakers for years, and last fall Barnaby Jack of Seattle-based security vendor IOActive showed how he could deliver a deadly shock to someone's pacemaker from a nearby laptop.

    Jack blamed poor software programming and a trend among medical-equipment makers to go wireless without taking security precautions, and pointed out that his lethal laptop code could just as easily be launched from a hospital computer or other electronic device.

    Manky thinks that M2M attacks will happen slowly at first, but, he said, "It's been proven now that it can be done. And, code exists and has been analyzed that achieves this. So, it serves as a case and foundation to further attacks down the road."

    Machines communicating with each other via the Internet are becoming more common, and that means security for these connections, particularly wireless connections, is going to have to be improved.

    "It is a common pattern for us to see these machines that communicate with each other connected to the public Internet nowadays via an external interface," said Manky. "That means IP connectivity, and that they are open to probing and attack attempts by hackers.

    "Vendors who develop the machines themselves that communicate need to take extra care in terms of secure development to make sure there is no low-hanging fruit attackers can go after," he added. "And, of course, critical M2M systems should be closed-circuit, as they were designed to be in the first place."

    This story was provided by TechNewsDaily, a sister site to LiveScience.

    Copyright 2013 LiveScience, a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
    Loading...

    More Science News

     

    News for You »

    • Fired for word: 'Negro' in Spanish class

      One of the first lessons one learns in English class is that context is everything. The same holds true in Spanish.

    • Damage reported from magnitude-5.7 quake in Calif.

      GREENVILLE, Calif. (AP) — Residents in rural northeastern California assessed damage to their homes and businesses Friday from a magnitude-5.7 earthquake, one of the strongest temblors to hit the densely forested region in decades.

    • No Wonder Republican Criticism of Obama Isn’t Working

      Henny Youngman, the late borscht belt comedian, told hundreds of politically incorrect jokes. One of them was his response when asked, “How’s your wife?” “Compared to what?” he’d say.

    • Is it possible to think without language?

      There is evidence that deaf people cut off from language, spoken or signed, think in sophisticated ways before they have been exposed to language

    • 5 climbers missing on world's 3rd highest mountain

      KATMANDU, Nepal (AP) — A Nepalese official says five climbers are missing and feared dead on the world's third highest mountain.

    • Cycling-Road-Giro d'Italia classification after stage 20

      May 25 (Infostrada Sports) - Classification from Giro d'Italia after Stage 20 on Saturday 1. Vincenzo Nibali (Italy / Astana) 79:23:19" 2. Rigoberto Uran (Colombia / Team Sky) +4:43" 3. Cadel Evans (Australia / BMC Racing) +5:52" 4. Michele Scarponi (Italy / Lampre) +6:48" 5. Carlos Betancur (Colombia / AG2R) +7:28" 6. Przemyslaw Niemiec (Poland / Lampre) +7:43" 7. Rafal Majka (Poland / Saxo - Tinkoff) +8:09" 8. Benat Intxausti (Spain / Movistar) +10:26" 9. Mauro Santambrogio (Italy / Vini Fantini) +10:32" 10. Domenico Pozzovivo (Italy / AG2R) +10:59" 11. ...

    • Fox News Is a Terrible Advocate for Freedom of the Press

      Roger Ailes is full of self-righteous outrage that the Department of Justice subpoenaed Fox News reporter James Rosen's personal emails as it investigated the leak of classified information about North Korea. It's a recent conversion after leading a news network that has been calling for criminalizing journalism for years.

    • Terror in London Sparks Tensions, Upsurge in Islamophobic Attacks

      Violence and fear travel swiftly, and faster still in the era of tweets and status updates and 24-hour rolling news. Just after 2 pm on May 22, police answered a call to an incident in Woolwich, southeast London. A 25-year-old soldier, Drummer Lee Rigby, leaving the local barracks, had been hit by a car and then hacked to death in front of horrified onlookers. One of his alleged killers, later identified as Michael Adebolajo, linked the attack to the British military presence in Muslim countries. ...

    Show More
    Loading...

    Follow Yahoo! News