Saturday, July 4, 17:01
Home security Malicious agents threaten public security systems!

Malicious agents threaten public security systems!

Open systems, open data and software open source contribute to greater transparency and public confidence as well as greater and easier user engagement. However, these systems can be exploited by malicious agents, which carries many risks. In other words, public security systems that are open to everyone are also open to those who want to use them for malicious activities.

It's not uncommon for open source ecosystems like this GitHub and npm have been used to spread malware. We have also seen how public WiFi hotspot can attract hackers. Similarly, public security systems designed to protect citizens from malicious agents have been used by the latter to carry out malicious activities.

Cameras monitoring and "open data"

A recent report reported an automatic data leak (ANPR) leak from an electronic control panel that feeds surveillance cameras. and production . This violation was due to the fact that a database was publicly exposed without password. In the United Kingdom, traffic cameras and some public security cameras have been found to be visible to any citizen. This is mainly due to open data initiatives derived from privacy and transparency legislation. The United Kingdom provides more visibility to the network of cameras in major cities such as London and on highways. Regarding USA, depending on the state and location, have similar traffic cameras that openly spread live streams to anyone via the web. For example, one can see a live stream of 42nd Street in New York, Madison Avenue and the Hudson River from Skyline cameras. These cameras record streets and different corners of the area.

Mark Sangster, vice president of eSentire, when asked about what malicious agents can do with these open public security systems, said that criminals or state-funded actors could use traffic patterns to determine high traffic points and cause maximum damage. They could also maximize the impact of an attack. For example, according to research, publicly accessible cameras located around London's Vauxhall Cross provide live viewing of areas around the MI5 building. Surveillance cameras also exist around notable landmarks, traffic lights, bridges and monuments.

Former CIA chief executive Marcus Fowler, who is currently the director of strategic threat at security company Darktrace, told BleepingComputer details on how to exploit the public systems closed source security. Indicatively, he stated that a strategic attack on the traffic lights could cause unrest in an entire city. For example, traffic lights could be the target on election day to cause traffic jams and delay people going to the polls. A team of researchers from the University of Michigan was able to control more than 100 lanterns in Michigan with a laptop and a radio transmitter.

As recent cyberattacks targeted the healthcare industry, Fowler has expressed concern about how malicious agents could disrupt emergency response systems. In particular, he noted that there has been a worrying increase in attacks on the healthcare industry during his pandemic. COVID-19, which means that malicious agents could expand them attacks in emergency response systems. If the attackers manage to gain access and control these systems, they could cause chaos in an entire country and endanger the lives of patients.

Fowler added that the attackers were increasingly targeting port facilities, taking advantage of the growing public dependence on commodity deliveries and the pressure on the pandemic supply chains. If computers in a port facility stop working due to an attack, supplies such as food and medical equipment may not reach their destinations.

IoT devices, drones and "smart" vehicles

With surveillance technologies increasingly intensified in the form of autonomous systems such as drones, motor vehicles and robots, there are some security risks.

According to Stephen Cobb, a UK-based security researcher, the growing use of remote-controlled and autonomous vehicles is paving the way for malicious agents to commit criminal acts. Cobb coined the term "jackware" a few years ago to describe malware-based attacks involving hijacking of motor vehicles, stressing that this could be applied to autonomous vehicles or vehicles that are controlled remotely, either in the air or on land. . He also pointed out that the use of autonomous or remote-controlled vehicles for public safety can easily be exploited by a malicious agent.

Commenting on the situation over the past two decades, Cobb noted that appropriate protection measures and levels are usually not applied, except when a malicious activity is detected on a large scale.

Public policy and social engineering documents

Government websites often mistakenly publish law enforcement manuals. If a malicious actor is able to obtain a specially authorized number of "office-only" help from these manuals and "forge" one of his employees, such as a police detective, it is very likely that he will extract sensitive and confidential information about individuals. and case files.

For example, malicious agents could spy on a rich person's financial information if they knew his or her social security number (SSN). They could do this by "falsifying" the prospective victim and calling the Internal Revenue Service (IRS) to request information on the tax return of the target.

In addition, due to the recent invasion of BlueLeaks, which leaked sensitive information, there are concerns that state-funded hackers can misuse data in many ways. In this case, the group that committed the violation claimed that it was aimed at combating police violence. However, it also released thousands of bank accounts, addresses, names of crime victims and suspected criminals who were never charged, said Alexander M. Kehoe, co-founder and business director of Caveni.

He added that the collection of this information could prove extremely useful for malicious foreign actors or organized crime unions. Both groups could use this information for malicious purposes, thanks to the exchange of information intended for the police.

In conclusion, technology provides innovations within governments to ensure the safety of citizens and national security. However, policies need to be put in place to ensure that these initiatives, including public safety systems, are not exploited by malicious agents.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


COVID-19: New research looks for antibodies in blood donors

The American Red Cross is examining the blood that has come from donations, and is looking for COVID-19 antibodies that will give it ...

Digital Transformation and Business: What Does Its Failure Mean?

Digital transformation is usually a way for businesses to outperform their competitors and get rid of methods that ...

Covaxin: India releases COVID-19 vaccine in August

The whole planet is waiting for the release of the vaccine for coronavirus, while clinical trials have begun in many countries around the world ....

iOS 13.5.1: iPhone users report battery issues

Have you noticed any changes to your iPhone lately? Maybe, for example, the battery runs out quickly ...

Avaddon ransomware: Attacks through Excel 4.0 macros

Microsoft announced yesterday that Avaddon ransomware spread this week through an old technique that came to the fore again. The...

Apple: Prohibits updating Chinese Apps without permission

Apple is banning developers from updating existing apps in China's App Store if they don't have government approval.

Australia: Thousands of MyGov accounts are sold on the Dark Web

Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.

Party Time: Watch TV with your friends online

Party Time: Watch TV with your friends on the internet Time for a different party than you are used to, watching your favorite ...

CISA and FBI warn businesses of Tor's risks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to businesses regarding ...

openSUSE: The new Leap 15.2 hard drive has been released

Recently, the next stable version of the openSUSE operating system was released. According to the development team of the operating system, ...