Read the following case study available in the CSU-Global Library: Benyon, D. (2
ID: 3847436 • Letter: R
Question
Read the following case study available in the CSU-Global Library:
Benyon, D. (2016). Cyber gets physical. Reactions, Retrieved from https://csuglobal.idm.oclc.org/login?url=http://search.proquest.com.csuglobal.idm.oclc.org/docview/1772082271?accountid=38569
Answer the following questions in your paper:
Describe at least two other physical cyber-attacks.
Could this type of attack affect our power grid, water supply, airline industry, nuclear plants, oil refineries and much more?
What preventative measures can be used?
Explanation / Answer
A . Two examples of physical attacks are as follows-
1. Passenger plane hack
In May 2015, it emerged that an airline passenger may have successfully hacked into over a dozen commercial flights, including sending commands to a jet engine in midair. Computer security expert Chris Roberts, allegedly hacked into a plane's in-flight entertainment system whilst on board and was able to get the plane to climb and move sideways. He bragged about his ability to take control of the jet on social media, alerting the authorities.
It is reported that Roberts had used a simple plug, installed under the seats of many commercial airlines, to tap into the systems up to 20 times since 2011. While his intentions did not appear to be malicious, his ability to exploit on-board weaknesses highlights the potential for more sinister hacks in the future if such vulnerabilities are not tackled.
The FBI, which is investigating the hacks amid concerns over the safety and cyber security of passenger aircraft, has also voiced its concern over the future potential for driverless cars to be hacked and used as weapons. Meanwhile, United Airlines is offering free air miles to hackers who are able to expose security flaws in its systems.
2. Jeep Cherokee hack
On July 21 2015 ,a journalist in Wired magazine revealed that a pair of hackers had successfully demonstrated that they could remotely control a Jeep Cherokee while it was being driven on a highway by turning down the AC, turning up the radio and turning off the ignition. Later, in a parking lot, they showed that they could disable the brakes and control the steering wheel (at least while the car was in reverse).
The hackers had used a cell phone in another part of the country to access the car's entertainment system and then take over saftey-critical systems. The hackers in question, never intended to hack anything other than their own car. But they clearly demonstrated the potential for more nefarious hackers to cause serious damage to cars and drivers around the world. Three days after the article was published, Chrysler recalled 1.4 million cars, including models from their Chrysler, Dodge, Jeep and Ram ranges.
Although this demonstration exploited a particular weakness in a particular model of car, pressure to build connected features in cars is going to continue to create vulnerabilities. “They’re getting worse faster than they’re getting better,” said one of the hackers. “If it takes a year to introduce a new hackable feature, then it takes them four to five years to protect it.”
B. Yes, Cyber physical attacks can very well affect our power grid, water supply, airline industry, nuclear plants, oil refineries and much more. Infact The infamous Stuxnet worm was the "shot heard round the world" on the matter of offensive cyber war and, more specifically, cyber attacks with physical consequences. Believed to be the creation of Israel and the United States, Stuxnet attacked control systems at the Natanz power plant in Iran, damaging that country's nuclear-weapons program. It’s possible this type of attack can be duplicated to disrupt activities in the control systems of other power plants or utilities, posing a physical threat to global infrastructure facilities.
C. Preventive measures that can be used against Cyber physical attacks are-
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.