In this article, I would like to discuss security vulnerability and public awareness. In last decade, with a rapid development of technology, the life has become easier in a manner of ability to get interacted with an information and the people. Thus, improvement of the information technology has statically gone top level. Eventually, digitalization became a solution but the vulnerabilities.
Digitalization is the trend topic of business so far. Making an affordable system that can cover itself up, avoiding lacks comes via human factors, reducing incapability of systems and making self-improvements based on self-learnings are the fundamentals of the digitalization. Adding a value to the business is what the industry has focused on! And the answer can be oriented within that topic.
Siemens has announced Industry 4.0 application and it’s competitor GE has initiated Predix that related in IoT (Internet of Things) meet with Industry (Industrial Internet of Things-IIoT). In other words, local devices get measured, monitored and controlled in order to feed that kind of platforms to have a vision that can avoid future mistakes and give insights to the users. The platforms are mostly implemented in Cloud. On the other hand, we miss something on this smartness. This digitalization is not a standalone fact that has been built by itself. Human creation can have its vulnerability within itself.
A hacker is someone who thinks from outside, is technologically-inclined, and finds unusual solutions to problems. Hackers are defined in 3 categories in color of a hat:
- THE WHITE HAT HACKERS
- THE GRAY HAT HACKERS
- THE BLACK HAT HACKERS
Above hat color separated hackers use the common methodology in order to get what’s important but the behavior. This segmentation can be considered as purpose relation: to harm the system or not.
Researcher Max Kilge, proposed that the motivations for the hacker community can be thought of as M.E.E.C.E.S. The attackers can be outsiders or insiders according to the motivation that they have.
At the end of 2016, Ukraine grid has hacked by the Russian hackers. According to the news:
Meanwhile, it has come to light that an unconfirmed group of Russian hackers took over computers at an electricity control center to plunge parts of the city of Kiev into darkness. The hackers apparently sent malware via e-mail to employees, allowing them to steal login credentials and shut down substations. All told, the attack took out 200 megawatts of capacity—about 20 percent of the city’s nighttime energy consumption.
According to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), Destructive Malware exists in our files that treat the business, the industry proceed. There are some key recommendations to avoid exploits such as frequently back-ups, accessible plug out machines, up-to-date antiviruses, system patches etc.. Which refer an operation to be scheduled and checked against the current one.
As a fact, there is enormous deployment on the side of improved technology. On the other side, there is a serious threat that comes from above-mentioned motivations by threat agents. If the growth of the technology cannot meet with increased sophistication of threats then all the development can be meant for nothing! It can be gone once for all. The result can be fatal according to the volume and the purpose.
Written by: Onur Karmis