Blog Archive
-
2016
(1336)
-
April(1335)
- Samsung Galaxy S7: 2016's Finest Android Phones
- Samsung Galaxy S7, Galaxy S5, Galaxy Note Edge Wit...
- Apple updates MacBook, upgrades MacBook Air
- Apple iPad Air 2 review: Still a great tablet
- Apple iPad Air review
- Microsoft Surface Pro 4 review: A fantastic Window...
- Google.com is “partially dangerous”, says Google
- LG G5 review: Modular expansion and twin cameras s...
- Best hybrid cars 2016: The six best hybrid cars fo...
- Best smartphones of 2016: The best mobile phones i...
- iPhone 7 rumours, specs and features: 8 things to ...
- EU Google antitrust case: Everything you need to know
- LeEco Le 2, Le 2 Pro and Le Max 2: No headphone so...
- Samsung Galaxy TabPro S review: Super screen, but ...
- How to get American Netflix on all your devices in...
- Apple Car rumours and leaks: Former Tesla Vice Pre...
- How to install Exodus on Kodi: Get one of XBMC’s b...
- Recover all your forgotten passwords
- How to cancel Netflix: Stop your Netflix subscript...
- HTC 10 review: A great smartphone return to form b...
- President Barack Obama's UK visit shakes up the Lo...
- Should I upgrade to Windows 10?
- Microsoft, seagulls and magic: An interview with M...
- Opera just added a free VPN as a bonus feature for...
- HP Chromebook 14 review: Solid, reliable and depen...
- How to remove a device from Netflix: Here’s how to...
- Amazon Fire review: Now available with 16GB storage
- Xplova X5 (hands on) review: This cycling computer...
- Acer Chromebook 14 review (hands on): A Chromebook...
- Now there's an app to crowdfund your honeymoon
- Shell’s Concept Car uses petrol to save the planet
- Tesla Autopilot review: We test Elon Musk’s autono...
- iOS 10: Rumours, speculation, mock-ups, and what w...
- This AI is guessing who’s going to die next in Gam...
- Microsoft's Windows Phone results: Not pretty, but...
- Android N review (first look): Now available for t...
- Volvo wants to sell one million hybrid and electri...
- How GCHQ has been accessing YOUR personal data
- Nissan Leaf (2016) review: We drive the UK's most ...
- Raspberry Pi 3 vs Raspberry Pi 2 vs Raspberry Pi B...
- Best electric cars 2016: The four best electric ve...
- Tesla Model S (2016) review: Still the ultimate el...
- Amazon blocks sale of Fifa 16, GTA 5 and many othe...
- UK government wants to punish online pirates with ...
- Opera VPN: Can the privacy-enhanced browser really...
- Mobile game revenues set to overtake that of PC in...
- Ads trick and force Germans to listen to plight of...
- What became of the cartoon video game mascot?
- Google I/O 2016: What key announcements to expect ...
- Microsoft profits fall by 25% due to drop in Windo...
- Galaxy Note 6 rumoured to sport 5.8in curved scree...
- Mexican voter database containing 93.4 million rec...
- Bangladesh bank cyberheist was a hacker's dream af...
- China wants to visit Mars by 2020 and beat Nasa to...
- BTCC Bitcoin mining pool launches rapid connection...
- BLOCKCHAIN REVOLUTION by Don Tapscott and Alex Tap...
- Apple's Find My iPad tool leads Thai police to not...
- US agency steps up Twitter campaign against textin...
- Samsung Galaxy S7 Edge: Android security update fo...
- Blizzard offering 13 free Whispers Of The Old Gods...
- Apple iTunes Movies and iBooks go dark in China, c...
- Blizzard releases first free Overwatch comic featu...
- Google and Microsoft drop all regulatory complaint...
- Blizzard's Jeff Kaplan reveals how MMO Titan's 'de...
- Moto G4: Release date, specs and pricing expected ...
- Shakespeare's 400th Anniversary: Ian McKellen unve...
- Cortana on Windows 10: Tips and tricks for Microso...
- How to Turn Your Surface Pro 4 Into A Desktop PC
- Samsung Galaxy Note 6 Release: 6 Things to Know Ri...
- How to Change the LG G5 Lockscreen & Wallpaper
- Eclipse Black Ops 3 DLC Tips
- Best Samsung Galaxy S7 Deals
- 14 Best Samsung Galaxy S7 Cases
- HTC Vive Hands On: Three Things You Should Know
- 7 Apple Pencil Holders to Keep Your’s Safe
- Is Microsoft OneDrive Worth Buying?
- Minecraft Realms for iPhone, Android & More: What ...
- Another Android Smartphone with 6GB RAM Spotted in...
- LinkedIn Launches Android/iOS Application to Help ...
- Sony Expands Marshmallow to Xperia Z2/Z3 Variants,...
- ZUK Z2 Pro Official Image Teased Ahead of April 21...
- Nubia Z11 Mini Goes Official with Snapdragon 617 C...
- Samsung Galaxy C7 Specs Leak in Benchmark: Snapdra...
- Motorola Moto G (4th Gen) Caught on Video Ahead of...
- VLC for Windows 10 Mobile Public Beta Launching Ne...
- Opera Mini Won't Receive Any Major Updates for Win...
- Samsung Plans to Build Powerful 18-24MP Camera wit...
- Motorola Moto G4 Plus First Press Render Leaks Online
- Huawei Honor V8 with Dual-Camera Setup Coming on M...
- World’s Smallest Android Smartphone Comes with 2.4...
- LeEco Le Max2 with 5.7-Inch Quad HD Display and 6G...
- Facebook Messenger for Android and iOS Updated wit...
- ZUK Z2 Pro Goes Official as Another Smartphone wit...
- Huawei P9 Lite Announced with 5.2-Inch Display, 13...
- Acer Liquid Zest Plus Launched with Massive 5,000 ...
- Samsung Galaxy S7 Clone Looks Shockingly Real - Video
- LG G5 SE Goes Official with 5.3-Inch Quad HD Displ...
- Fallout Shelter for Android/iOS Updated with Scrap...
- Sony Xperia Z3 Is the First Non-Nexus Device to Re...
- Huawei and Leica Release Statement on P9 and P9 Pl...
- Samsung Galaxy Note 6 Could Pack 4,000 mAh Battery...
- Xiaomi Mi Max Phablet Gets a Teaser Ahead of Offic...
- Qualcomm Addresses Concerns Over Quick Charge 3.0 ...
- Alcatel Pop 7 LTE Tablet Arrives at T-Mobile, Cost...
- Subway Surfers Developer Launches Frisbee Forever ...
- Intel-Powered 2-in-1 Tablet with Windows 10 and 10...
- Sony Xperia X Coming to the UK in May, Xperia XA A...
- Best smartphones of 2016: The best mobile phones i...
- AT&T reveals price and release details for the Sam...
- Samsung Galaxy Phones Prone to Hacking via USB Cab...
- Galaxy S7 and Galaxy S7 Edge dubbed world’s best p...
- Samsung Galaxy A7 (2016) review: External beauty i...
- Boost Mobile adds Samsung Galaxy J7, LG and Kyocer...
- Xiaomi Mi 5 review: Extraordinary value Android ph...
- HTC phone hopes to rival iPhone, Galaxy
- Samsung Galaxy S8: what we want to see
- Galaxy S7 New 'Top Rated Phone', consumer Reports...
- One month with the Samsung Galaxy S7 Edge: Can the...
- Researchers develop a mobile app that lets visuall...
- Facebook usage over Tor surpasses one million mont...
- India to become second largest smartphone market b...
- Free Wi-Fi content on trains and buses; this is ho...
- China ban on Apple services is a challenge for key...
- Android N Developer Preview moves beyond Nexus dev...
- Apple may be exempted from local sourcing norms fo...
- Acer Liquid Zest Plus announced with massive 5,000...
- US Justice Department withdraws NY iPhone unlockin...
- Microsoft, Google agree to withdraw regulatory com...
- February(1)
-
April(1335)
Sumsung Galaxy User Guide
Android Tutorials
Labels
Recent Posts
Blog Archive
-
Apple Watch 2 fans have a happy news here: At last, the brand has opened the box and confirmed its launch date which will be during the Worl...
-
Apple has lowered the prices of all iPhones sold officially in Japan by 10%. There is no official statement on the reason for the price cut,...
-
By now you've likely heard that the latest Tesla vehicle, the Model 3 , has been in high demand almost immediately since its debut early...
-
In an effort to further improve its service, Facebook has yet again updated it News Feed ranking algorithm. The social networking company sa...
-
Everyone likes free apps, but sometimes the best ones are a bit expensive. Now and then, developers put paid apps on sale for a limited time...
-
By now you've likely heard that the latest Tesla vehicle, the Model 3 , has been in high demand almost immediately since its debut early...
-
Apple has announced its update of the MacBook with better specs and a new color. In a press release two days ago, Apple said it installed ...
-
[unable to retrieve full-text content] SIM only deals On this page you'll find links to the best SIM only deals currently available in t...
-
Privacy is always one of the biggest priorities in this time when everything can be searched with just a click of a button. Mobile messaging...
Like US On Facebook
Followers
Total Pageviews
Tomorrow's Buildings: Help! My building has been hacked
- 20 April 2016
- From the section Technology
Image copyright
Thinkstock
Experts say it is "shockingly" easy to hack into a building
In 2013, Google - one of the world's pre-eminent tech companies - was hacked.
It wasn't its search engine that was attacked or its advertising platform or even its social network, Google+. Instead, it was a building.
Two cybersecurity experts hacked into its Wharf 7 office in Sydney, Australia, through Google's building management system (BMS).
One of them, Billy Rios, says: "Me and my colleague have a lot of experience in cybersecurity, but it is not something that people couldn't learn.
"Once you understand how the systems work, it is very simple."
He found the vulnerable systems on Shodan, a search engine that lists devices connected to the internet, and then ran it through his own software to identify who owned the building.
Image copyright
Thinkstock
Attacks on buildings were probably happening "all the time", said one expert
In the case of the Google hack, the researchers had no nefarious purpose, did no damage and informed Google about the vulnerabilities they found.
According to Mr Rios, who runs security company Whitescope, there are 50,000 buildings currently connected to the internet - including research facilities, churches and hospitals, and 2,000 of those are online with no password protection.
"That is 2,000 buildings where you can access systems that heat and cool the building and potentially gain access to the controls of the doors," he says.
Martyn Thomas, a professor of IT at Gresham College in the UK, tells the BBC: "It is beyond doubt that attempts to attack building management systems are happening all the time."
Making a building smart generally means connecting the systems that control heating, lighting and security to the internet and the wider corporate network.
There was a compelling reason for doing this, said Andrew Kelly, principal security consultant at defence company Qinetiq.
"Energy savings are the biggest factor in connecting building management systems to the corporate network," he says.
"It gives those who run the building better control and offers between 20 to 50% in energy savings."
Image copyright
Thinkstock
A hacker with control of heating or lighting could have serious consequences in a hospital
But it also makes them less secure.
There are various scenarios where a hacked building could have dire consequences.
Imagine, for instance, a malicious attack at an old people's home where, in the depth of winter, hackers gain control of the heating system and shut it down.
Or a hospital where hackers take over the lighting or electricity system.
Or thieves who walk into a building they want to rob simply by overriding the system that controls the security.
And if any of these feels like a Hollywood film script, think again.
In 2013, the US Department of Homeland Security revealed hackers had broken into a "state government facility" and made it "unusually warm".
And, in 2014, security consultant Jesus Molina told US cybersecurity conference Black Hat he had been able to gain full control of lighting, temperature and the entertainment system of 200 rooms while staying at the St Regis hotel in the Chinese city of Shenzhen.
Some of the most high-profile attacks in recent years have taken advantage of the vulnerability of building management systems.
Image copyright
Reuters
Ukraine had to turn to back-up power sources, following a spate of power cuts
An attack on US retailer Target, in which millions of customers' credit card information was stolen, was traced back to the heating and ventilation system.
And, at the beginning of the year, a Ukrainian power station was hacked. Although spear-phishing - where an employee is duped into bringing malware into the system by clicking on an email or link - was blamed as the means of entry, the result was physical - nearly 80,000 customers were left without power.
Mr Kelly tells the BBC: "We have seen plenty of ransomware attacks where computers are encrypted by hackers and only decrypted if the company pays money, and it is very easy to see a scenario of such an attack on a building management system, where a factory or hospital is disabled and hackers request payment.
"It is on the horizon, it is just a matter of time,"
Mr Kelly has recently conducted a survey of smart buildings, ranging in size from small businesses with just a handful of employees to those with thousands of staff.
It was the building management systems that jumped out as the most vulnerable.
"In all cases, pretty much without fail, these systems had been procured without thought to how to make them secure. I was absolutely shocked," he tells the BBC.
"We saw systems installed with default passwords where it would be a trivial exercise for someone remotely to gain access."
Image copyright
Thnkstock
Often the weakest link is the people installing smart systems
And he found many building management systems were plugged into the corporate network "without thought about who had access or the impact of someone accessing the data in this network".
Image copyright
Thinkstock
Will we need to work in offices in the future?
Tomorrow's Buildings
Just as a plumber wouldn't worry about home security, so those installing building management systems may not think about security.
"Almost anyone can set up as a BMS installer - it is a bit like taking your car to a garage with mechanics with no qualifications," Mr Kelly says.
He recommends these smart systems are kept entirely separate from corporate networks, because it is virtually impossible to ensure the code behind them is hacker-proof.
Prof Thomas says: "These BMS systems have hundreds of thousands of lines of code, and yet the average programmer makes 20 mistakes in every 1,000 lines of code, so there are lot of bugs there."
Football game
Image copyright
Thinkstock
Could a fan change a football game from the comfort of his or her sofa?
For Mr Rios, the experiment at Google proved no company - even one of the most hi-tech in the world - is immune to the growing threat of insecure buildings.
In a report written about some of the vulnerabilities he found in buildings, he highlights one of the more unusual possible hacks.
He found Alabama's Bryant Denny football stadium had an exposed system that could have allowed hackers not just to turn off the lights and heating in parts of the stadium but also interfere with the game clock, which, in turn, could have affected the "integrity of the game".
"Imagine if a fan could impact the outcome of a professional or college sporting event while sitting comfortably on their home couch," he says.
Source : www.bbc.co.uk
0 comments:
Post a Comment