HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Comments
View Comments: Oldest First|Newest First|Threaded View
Page 1/3  >  >>
Elizabeth M
User Rank
Blogger
Good story on a real problem
Elizabeth M   3/5/2014 6:09:30 AM
NO RATINGS
Very thoughtful story, Rob. The headline really drew me in especially because I sort of had a personal experience with this many years ago (I would say about eight years ago now) when I was with a friend in SF who was a software engineer. We were in a cafe and he had his laptop and he showed me how with a program he could intercept wireless traffic in that cafe and essentially hack into wireless devices. (He didn't do it, but just showed me that he could if he wanted to.) We've come a long way since then but there are still very real threats out there and it's good to focus attention on this problem before it gets out of hand.

Rob Spiegel
User Rank
Blogger
Re: Good story on a real problem
Rob Spiegel   3/5/2014 7:27:09 AM
NO RATINGS
Good story, Elizabeth. I honestly don't see how we're going to get ahead of this problem. 

William K.
User Rank
Platinum
Re: Good story on a real problem
William K.   3/5/2014 9:43:42 AM
NO RATINGS
Definitely a real problem here, Elizabeth, and amn interesting tale as well. The problem as stated also mentions a potential solution, unstated, but nobody would like the obvious way to reduce the problem. In the simplest terms, a system that can't hear the outside commands, and does not even speak that language, is rather less likely to be "lead astray." I am not suggesting the same thing as the physical isolation approach, which your article points out is not effective, without even mentioning isolation as a concept. But consider that a large number of the things that open a system to invaders are done for convenience. Memory sticks and RF access, along with internet access, are mostly for the convenience of users, rather than actually vital to the main function of a system. So just like your conclusion, security must be integral and constant.  Making data ports one-way only as a hardware design would make things less convenient, but if they were really one-way, nothing could enter by that path. So separating data gathering and reporting from process cntrol is certainly less efficient, but if it is done in a one-way only hardware scheme it can stop hackers. Of course all code must also include enough security, but that is at least in theory, hackable. I have described one more method of improving security, not a total solution, but a way to block some of the holes.

Ann R. Thryft
User Rank
Blogger
Re: Good story on a real problem
Ann R. Thryft   3/5/2014 6:17:39 PM
NO RATINGS
Gee thanks, Rob, I didn't sleep so well after reading this. Seriously, though, thanks for the reporting on this important subject. Several years ago I wrote a white paper on security for a very large company in the business and was really horrified at what I learned. That was the year that all those breaches started occurring at credit card processors and lost company laptops with huge customer databases on them. The basic takeaway was, it's usually an inside job.

Rob Spiegel
User Rank
Blogger
Re: Good story on a real problem
Rob Spiegel   3/5/2014 7:20:06 PM
NO RATINGS
You're right about inside jobs, Ann. Both examples in this story were inside jobs. I just came out of a meeting with automation and control engineers who work with a big automation vendor. They say the plant operators don't believe anyoine would want to attack their networks.

Mydesign
User Rank
Platinum
Security Concerns
Mydesign   3/6/2014 3:53:46 AM
NO RATINGS
1 saves
"Cybersecurity is becoming an increasingly thorny concern for those running automation and control networks. With the proliferation of plant networks matched by the growing Internet of Things and wireless everything, security has become a major issue."

You are right ROB. Security is a major concern especially with self talking and networking devices. I don't think it cannot be address permentlly because hackers are more brilliant than security professionals.

Elizabeth M
User Rank
Blogger
Re: Good story on a real problem
Elizabeth M   3/6/2014 6:50:19 AM
NO RATINGS
These are all really good points, William K. There are a lot of external devices the use of which can be eliminated to help keep networks more secure, and this can be done quite easily. Sometimes the simplest way to help alleviate a problem is overlooked.

Elizabeth M
User Rank
Blogger
Re: Good story on a real problem
Elizabeth M   3/6/2014 6:59:02 AM
NO RATINGS
Agree with you and Ann here, Rob, about the inside jobs. And I think that this is often the case not just in plants but when other business networks are attacked as well.

Rob Spiegel
User Rank
Blogger
Re: Security Concerns
Rob Spiegel   3/6/2014 9:42:49 AM
NO RATINGS
Good point, Mydesign. This will be very interesting as it plays out. There's simply no clear answer. 

Rob Spiegel
User Rank
Blogger
Re: Good story on a real problem
Rob Spiegel   3/6/2014 9:46:43 AM
NO RATINGS
Inside jobs may be the biggest threat, Elizabeth. I can't even imagine an effective strategy to prevent attacks from inside. 

Page 1/3  >  >>


Partner Zone
Latest Analysis
Samsung's Galaxy line of smartphones used to fare quite well in the repairability department, but last year's flagship S5 model took a tumble, scoring a meh-inducing 5/10. Will the newly redesigned S6 lead us back into star-studded territory, or will we sink further into the depths of a repairability black hole?
Fifteen European research centers have launched EuroCPS to help European companies develop innovative products for the Internet of Things.
Get your Allman Brothers albums ready. The iconic Volkswagen Microbus may be poised for a comeback, and this time it could be electric.
In 2003, the world contained just over 500 million Internet-connected devices. By 2010, this figure had risen to 12.5 billion connected objects, almost six devices per individual with access to the Internet. Now, as we move into 2015, the number of connected 'things' is expected to reach 25 billion, ultimately edging toward 50 billion by the end of the decade.
NASA engineer Brian Trease studied abroad in Japan as a high school student and used to fold fast-food wrappers into cranes using origami techniques he learned in library books. Inspired by this, he began to imagine that origami could be applied to building spacecraft components, particularly solar panels that could one day send solar power from space to be used on earth.
More:Blogs|News
Design News Webinar Series
3/31/2015 11:00 a.m. California / 2:00 p.m. New York
2/25/2015 11:00 a.m. California / 2:00 p.m. New York
12/11/2014 8:00 a.m. California / 11:00 a.m. New York
5/7/2015 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Apr 20 - 24, Taking the Internet of Things to the Cloud
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6 |  7


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Last Archived Class
Sponsored by Proto Labs
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2015 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service