The Electronic Pearl Harbour gets a step closer

| 1 Comment | No TrackBacks
| More

As I expected we keep finding more and more security vulnerabilities in devices that shouldn't have them: essential control systems that govern the safety of critical infrastructure. The latest batch have been found by my IOActive colleagues in satellite communication (SATCOM) systems.

IOActive analyzed and reverse-engineered publicly-available firmware updates for technologies manufactured by Harris, Hughes, Cobham, Thuraya, JRC, and Iridium. They discovered multiple, high risk vulnerabilities in all SATCOM device firmware studied by IOActive. These vulnerabilities might enable a malicious hacker to intercept, manipulate, block, and in some cases take control of the physical device. The vulnerabilities included hardcoded credentials, undocumented protocols, insecure protocols, and backdoors.

As I've suggested before, we might find that Die Hard 4 was rather understated. 

Enhanced by Zemanta

No TrackBacks

TrackBack URL: http://www.computerweekly.com/cgi-bin/mt-tb.cgi/52112

1 Comment

I disagree with the Electronic Pearl Harbour thesis:. Organised crime wishes to milk the cow - not kill it. They would far rather have us complacent than responding to a wake-up call.

That said, I expect things to come a head this autumn as emplyers recruit dross to make up the numbers on their information security teams.

Hence my latest blog http://www.computerweekly.com/blogs/when-it-meets-politics/2014/04/surviving-the-post-heartbleed.html

Leave a comment

About this Entry

This page contains a single entry by David Lacey published on April 25, 2014 10:21 AM.

The Electronic Pearl Harbour gets a step closer was the previous entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Archives

 

-- Advertisement --