Tuesday, October 27, 17:07
Home security Malicious agents threaten public security systems!

Malicious agents threaten public security systems!

Open systems, open data and software open source contributes to greater transparency and public trust as well as greater and easier user engagement. However, these systems can be exploited by malicious agents, which carries many risks. In other words, public security systems that are open to all are also open to those who wish to use them for malicious activities.

It's not uncommon for open source ecosystems like this GitHub and npm have been used to spread malware. We have also seen how public WiFi hotspot can attract hackers. Similarly, public security systems designed to protect citizens from malicious agents have been used by the latter to carry out malicious activities.

malicious agents-public security systems

Cameras monitoring and "open data"

A recent report reported a data leak involving automatic number plate identification (ANPR) from an electronic control panel that powers surveillance cameras. and production . This violation was due to the fact that a database was publicly exposed without password. In the United Kingdom, traffic cameras and some public security cameras have been found to be visible to any citizen. This is mainly due to open data initiatives derived from privacy and transparency legislation. The United Kingdom provides more visibility to the network of cameras in major cities such as London and on highways. Regarding USA, depending on the state and location, have similar traffic cameras that openly spread live streams to anyone via the web. For example, one can see a live stream of 42nd Street in New York, Madison Avenue and the Hudson River from Skyline cameras. These cameras record streets and different corners of the area.


Mark Sangster, vice president of eSentire, when asked about what malicious agents can do with these open public security systems, said that criminals or state-funded actors could use traffic patterns to determine high traffic points and cause maximum damage. They could also maximize the impact of an attack. For example, according to research, publicly accessible cameras located around London's Vauxhall Cross provide live viewing of areas around the MI5 building. Surveillance cameras also exist around notable landmarks, traffic lights, bridges and monuments.

Former CIA chief executive Marcus Fowler, who is now director of strategic threat at security company Darktrace, told BleepingComputer details of how the public systems closed source security. Indicatively, he stated that a strategic attack on the traffic lights could cause unrest in an entire city. For example, traffic lights could be the target on election day to cause traffic jams and delay people going to the polls. A team of researchers from the University of Michigan was able to control more than 100 lanterns in Michigan with a laptop and a radio transmitter.

As recent cyberattacks target the healthcare industry, Fowler has expressed concern about how malicious agents could disrupt emergency response systems as well. In particular, he noted that there had been a worrying increase in attacks on the healthcare industry during the pandemic. Mesures COVID-19, which means that malicious agents could expand them attacks in emergency response systems. If the attackers manage to gain access and control these systems, they could cause chaos in an entire country and endanger the lives of patients.

Fowler added that the attackers were increasingly targeting port facilities, taking advantage of the growing public dependence on commodity deliveries and the pressure on the pandemic supply chains. If computers in a port facility stop working due to an attack, supplies such as food and medical equipment may not reach their destinations.

public security systems

IoT devices, drones and "smart" vehicles

With surveillance technologies increasingly intensified in the form of autonomous systems such as drones, motor vehicles and robots, there are some security risks.

According to Stephen Cobb, a UK-based security researcher, the growing use of remote-controlled and autonomous vehicles is paving the way for malicious agents to commit criminal acts. Cobb coined the term "jackware" a few years ago to describe malware-based attacks involving hijacking of motor vehicles, stressing that this could be applied to autonomous vehicles or vehicles that are controlled remotely, either in the air or on land. . He also pointed out that the use of autonomous or remote-controlled vehicles for public safety can easily be exploited by a malicious agent.

Commenting on the situation over the past two decades, Cobb noted that appropriate protection measures and levels are usually not applied, except when a malicious activity is detected on a large scale.

Public policy and social engineering documents

Government websites often publish law enforcement manuals by mistake. If a malicious actor can obtain a specially authorized "office use" helpline from these manuals and "falsify" one of its employees, such as a police detective, it is very likely that they will extract sensitive and confidential information about individuals. and case files.

For example, malicious agents could spy on a rich person's financial data if they know his social security number (SSN). They could do this by "falsifying" the would-be victim and calling the Internal Revenue Service (IRS) for information on the target tax return.

In addition, due to the recent invasion of BlueLeaks, which leaked sensitive information, there are concerns that state-funded hackers can misuse data in many ways. In this case, the group that committed the violation claimed that it was aimed at combating police violence. However, it also released thousands of bank accounts, addresses, names of crime victims and suspected criminals who were never charged, said Alexander M. Kehoe, co-founder and business director of Caveni.

He added that the collection of this information could prove extremely useful for malicious foreign actors or organized crime unions. Both groups could use this information for malicious purposes, thanks to the exchange of information intended for the police.

In conclusion, technology provides innovations within governments to ensure the safety of citizens and national security. However, policies need to be put in place to ensure that these initiatives, including public safety systems, are not exploited by malicious agents.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

Microsoft is limiting the availability of Windows 10 20H2

Microsoft is currently restricting the availability of Windows 10 20H2 to provide all users who want to ...

How to enable the new Chrome Read more feature

The latest version of Google Chrome browser, v86, released earlier this month, contains a secret feature called Read ...

How to choose a custom color for the Start menu

Starting with the October 2020 update, Windows 10 is the default on a theme that removes bright colors from ...

NASA telescope discovers drinking water on the moon

Eleven years ago, a spacecraft changed our view of the moon forever. The data collected by ...

Microsoft: Enhances password spray attack detection capabilities

Microsoft has significantly improved the ability to detect password spray attacks in the Azure Active Directory (Azure AD) and has reached the point ...

How to prevent companies from finding our phone number

In the age of advertising, the more user information is known the more convenient it is for companies. And in particular, the ...

Violation in a psychotherapy clinic led to blackmail of patients

Two years ago, a cyber attack took place in a Finnish psychotherapy clinic, which resulted in data theft and ransom demand. Now,...

Australia: Enhances cybersecurity and privacy!

The Government of New South Wales in Australia has set up a task force to strengthen cybersecurity and protection ...

More than 100 irrigation systems were left exposed on the internet

More than 100 smart irrigation systems were left exposed on the internet without a password last month, allowing anyone to access ...

Violation in Nitro Software most likely affects Google, Apple, Microsoft

Nitro PDF (Nitro Software) service has suffered a data breach, which is said to affect many well-known companies, such as Google, ...