Things About Which We Are Unsure
Hack Hack Hack Hack It Apart
Firms specializing in technology security make it their business to scare potential customers, but that doesn’t make an Internet Identity (IID) report predicting cyber doom in 2014, highlighted today by Ray Kurzweil’s Accelerating Intelligence, any less spooky.
According to IID, looming cybersecurity threats in 2013–more mobile malware, increasingly aggressive hacktivism, attacks on the cloud–are “well-anticipated and mundane.”
Those “mundane” threats are nothing next to the bleak wasteland of death and destruction IID expects in 2014:
Sometime last summer, hackers invaded a New Jersey company’s web-accessible heating and air-conditioning systems using a gaping security hole in the system’s supervisory control and data acquisition (SCADA) software.
Ars Technica reports that an IT contractor who works with the business informed F.B.I. agents investigating the breach that controls for the HVAC system were “directly connected to the Internet” and there was no “interposing firewall.”
The backdoor into the controls is found in some versions of the Niagara AX Framework, software that controls similar systems at the Pentagon and the Federal Bureau of Investigation. An F.B.I. memo issued in July said any hacker who found their way into the nameless New Jersey company’s Niagara controls would have been able to learn the same information available to a systems administrator, such as “a floor plan layout of the office, with control fields and feedback for each office and shop area.” The web interface wasn’t even password-protected.