By JDavid Derosier

Now that we’re somewhat through the 2018 elections and the brouhaha about Facebook, Social Media with its Fake News, and the Russians – maybe we can look at some REAL potential problems in the world of technology.

Cyber-Privacy, protecting your personal information on Facebook, is a problem. Believing everything you read on Social Media, that’s just stupidity.

Cyber-Security, however, is a totally different animal. Cyber-Security is protecting against malicious attacks.  Back in the day when I was lecturing on the subject I used to say that, “there is a wide spectrum of cyber security. At the one end, if there is a compromise a businessman could lose his business. At the other end of the spectrum they could lose their country.” Big difference.

INDIVIDUAL ATTACKS

Did you know that hackers can use the Internet to get inside computers? Of course you knew that.

Did you know they can get inside your cellphone? While it’s in your pocket? And turn it on or off? And listen to conversations going on in the room (not just on the phone)? Suppose that conversation is about negotiations to buy a new business? If the competition could listen in, would it hurt?

How about if they get inside your phone and use the app that unlocks your front door? Or turns your security cameras and alarms on/off?

AREA ATTACKS

Did you know that in many cities the traffic lights are networked together and can be controlled from a single location? The reason is to help prevent grid-lock when there is too much traffic or an accident. It also allows the authorities to find and identify vehicles and/or people when needed. What if a foreign adversary with malicious intent hacked into that network and took control? Could they do any damage? Think in terms of turning all traffic lights in all directions to green.

Fifteen years ago, in 2003, I was living in Ottawa, Ontario – the capital of Canada. There was a widespread power outage that took out power to about 10 million people in Ontario, as well as about 45 million people in eight American states. We had visitors from the USA at the time and we were without power for four days, starting on my wife’s birthday. The primary cause was attributed to an accidental bug in the alarm system software of a company in Ohio. That bug prevented the operators from being aware of overloads on the system, turning into the collapse of the entire electric grid.

Imagine now, a malicious foreign adversary doing that intentionally!

According to the Houston Chronicle of April 6, 2018, “federal agencies and security firms recently disclosed that cyberattacks aimed at U.S. energy, nuclear, water, aviation and manufacturing facilities have risen sharply since 2016, amid attempts by a highly skilled and well-funded hacking group to secure a foothold in those networks. The FBI and the Department of Homeland Security last month blamed the attacks on the Russian government.”

Relate that to recent reports that the Camp Fire wildfire in California may have been caused by power outages in the electric grid. With nearly a thousand people missing and more than 10,000 homes and businesses destroyed, it is easy to imagine the devastation that an adversary’s attack on the power grid could do.

 

AUTOMOBILES

 

You have probably heard that malicious hackers can take over your (late model) vehicle by hacking into its computer systems which are networked beyond the vehicle. In some instances, that’s as easy for them to do as it is for you to use your remote key. Now think about a foreign adversary that might plant devices on highway overpasses that could shut down your vehicle’s computer from overhead as it passed at speed. New autonomous (driver-less) vehicles are even more susceptible than the family car.

In August the Detroit Free Press reported that General Motors was starting up The Bug Bounty Program through which it would pay hackers a bounty or cash payment per bug that they uncover in any of GM”s vehicle computer systems. In addition, GM employs more than 400 people in the area of cybersecurity. At least they are thinking about the issues.

 

SUMMARY

Too many people are focused on Cyber-Privacy and not enough on Cyber-Security. The list of foreign adversaries working on attacking our country still remains long, with Russia, China, and Iran at the top of the list.

If you are going to worry and complain about cyperprivacy, do not forget cybersecurity as well. It is probably more important to you, and definitely more important to our nation. Stand up and tell your elected folks in Washington that you want more attention paid to it.

In future articles we will address some of the things the US and allied governments are planning and doing in this area.

J.David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with theBetter Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info