Monday, June 04, 2012
Flame, Shodan both raise questions about new risks to home users; how much machinery is connected to the public Internet?
CNN has a story Monday morning by Douglas Rushkoff, “The cyberwar may be headed to your computer”, about the huge malware suite called Flame, apparently directed by western governments against Iran, here.
The article explains how the “product” was designed to make it difficult to emulate, but nevertheless claims that eventually this sort of malware can affect average home or small business users. I’m not sure I follow the reasoning.
The Washington Post has been running a series “Zero Day: The Threat in Cyberspace”, with a long article Monday morning (front page in print) by Robert O’Harrow Jr., “Everyday machines vulnerable to hacking: Fledgling search engine exposes risks of being connected to Internet”, link here.
The story discusses the evolution of the Shodan search engine, which can probe gratuitous connections of industrial control panels to the Internet. I wonder if my Briggs and Stratton generator is connected. The Shodan site boldly states “Expose Online Devices”.
For years, since 9/11, there has been speculation about the vulnerability of cyber infrastructure to hackers. Most of it is supposed to be disconnected and topologically unreachable. But some pieces are monitored by “smart grid” technology, from remote, which would lead to some use of encrypted connections. That may become even more the case in the future with, for example, home security and home monitoring systems.