hacking tags

Bull Session

Hacking Infrastructure

April 13, 2017          

Episode Summary

On this episode of The Digital Life, we discuss our vulnerable infrastructure, in light of the recent hacking attack on the Dallas emergency sirens. Our real world infrastructure — from power plants to airports to dams — is increasingly subject to both online and offline security breaches, which represents a significant problem in a world where the Internet of Things (IoT) is just beginning to take hold.

While the Dallas hack was accomplished via a radio or telephone signal — not an online breach — it nonetheless provides a prime example of how such attacks disrupt municipal emergency response. Over 4,000 calls flooded the city’s 911 system, forcing real emergencies to wait. Unfortunately, the spectrum of these attacks runs from malicious prank to terrorism and it’s hard to know what kind of attack is happening as it occurs.

Potential outcomes, including the difficulties brought on by service disruptions for electricity, water, transportation, etc., not to mention increased skepticism of emergency systems, could potentially be life threatening. What are the solutions for such hacks on critical infrastructure? And how should we view these types of events and react to them in a resilient fashion in the future?

Resources:
Hacking Attack Woke Up Dallas With Emergency Sirens, Officials Say
Sirens in Dallas, Texas Maybe Civil Defense Tests? Hackers?
Culprit broadcast signal that triggered Dallas’ emergency sirens Friday night
Someone hacked every tornado siren in Dallas. It was loud.

Jon:
Welcome to Episode 202 of The Digital Life, a show about our insights into the future of design and technology. I’m your host Jon Follett, and with me is founder and cohost, Dirk Knemeyer.
Dirk:
Greetings listeners.
Jon:
For our podcast this week, we’re going to talk a little bit about hacking critical infrastructure in light of the recent Dallas hacking attack over the weekend. On Friday night, there was a hacking attack on the Dallas Emergency Sirens that basically warn folks about tornadoes, other weather emergencies, or just emergencies in general.
This attack I think shows how our real-world infrastructure is just frequently being undermined by these security breaches.
Dirk:
I don’t know if “frequently.”
Jon:
Well, I mean surprisingly, these incidents are becoming more common, so maybe you’re right. That “frequently” isn’t-
Dirk:
It’s hyperbolic Jon.
Jon:
It’s not hyperbolic. It’s-
Dirk:
You’re like a tabloid baby.
Jon:
Yes, The Digital Life daily news here. But there are more and more examples every month of sort of major and minor hacking problems. For instance, a few months ago we were talking about how the servers at [/den/ 00:01:45] were brought down by a denial of service attack due to this IoT botnet. Now, totally different circumstances, but I would say that the level of complex systems that we now have combined with just this sort of wave of technical know-how combined with whether you call it hacking for a prank or for something more malicious.
Those two things are converging, so people understand how to manipulate these systems and then there are a variety of reasons to do that, whether it’s for attention, whether it’s to cause some mischief, or whether it’s to actually cause harm.
Dirk:
Yeah.
Jon:
Which we can all touch on today. Let’s start with a little bit of a summation of the Dallas Emergency Siren hacking attack. I have from YouTube, user Theme Park Brews posted this on Friday night.
Video:
Can you guys hear that? What the heck is going on? So, I was looking at Twitter, and I was trying to see what was going on, and there are sirens going off all over Dallas right now, so if you guys know what’s going on, let me know in the comments below because I have no idea. I’m in Dallas, Texas. It is 11:51 PM, April 7th, and I just want to know what’s going on. It sounds like every single alarm within at least a 20-mile radius here is going off, and I’m checking out Twitter. It sounds like it’s going on all over Dallas.
Jon:
So that’s a little bit of audio from YouTube. YouTube and Twitter are really turning into the news resources for the digital age, but all 156 of the city’s emergency sirens went off late on Friday night, so around 11:30, and that continued for several hours before the city sort of figured out what to do about it. In the meantime, there were well over 4,000 calls to their 911 system, which is from what I understand, not too good to begin with.
It was overwhelmed now with calls from people worried about the sirens going off. Early today, it was revealed that the hack was actually completed via a radio or telephone signal that triggered all the alarms at the same time, so it wasn’t strict-
Dirk:
Sound hi-tech Jon. I got to tell you.
Jon:
Well, it wasn’t strictly a malware or a computer hack the way we would-
Dirk:
Kim Jong Un wasn’t on the other side of this? Putin?
Jon:
I would hope not. I would hope they’re not sitting there with cellphones trying to set off Dallas’s emergency siren system, but this just shows the spectrum right?
Dirk:
Yeah.
Jon:
So on one side of the spectrum you have what are more or less pranks, and on the other side of it, you have digital terrorism, right?
Dirk:
Yeah.
Jon:
So in the Ukraine, there was a power plant that was hacked with malware, which more or less took out people’s power for many hours. So you have this real-world infrastructure that’s intersecting more and more with technology, and I think part of the problem that we’re facing now is how do we react to this possible wide array of hacking attacks, because this really is almost like the weather.
Like you have weather where you just need to grab a coat or an umbrella and you don’t really pay much mind to it, and there’s weather where you damn well better stay indoors and get into your basement because it’s very serious.
We’ve got this same spectrum of possibilities now with these hacking attacks, and I think we’ll figure it out, but it will take a little time to truly, as a group, sort of figure out what the right reactions are because 4,000 to 9-11 while other emergencies are being held up, that’s an unintended consequence that no one wants, I would think.
Dirk:
Maybe the hacker wanted it. Who knows?
Jon:
How does all of this play for you? In this particular case it’s just kind of silly because it sounds like a city-wide rave from that audio, but I’m sure in the middle of it, if everywhere you go a siren’s going off, that’s got to be pretty alarming.
Dirk:
Yeah, it really is a reflection of how we’re still in the early days, the Wild West of these technologies. I think about the electricity industry. Electric powered lights started in the 1870s. We’ll talk about New York City. The industry in New York City, it started in the 1870s and by the early 1880s, if you would look up in the sky from within New York City, within Manhattan let’s say, the sky was crisscrossed with electric wires.
There were just electric wires hither and thither and hanging everywhere. It was not uncommon for people to be electrocuted by them because a live wire would fall or even just installers trying to put up the new line and there’s so many other lines they’re contending with in this horrible infrastructure, and it’s because it was early days in the Wild West.
There were two things that improved the situation. One was technology, and not surprisingly talking about the electricity industry, it was Thomas Edison who innovated underground wires and a system, a very crude by today’s standards, system of a box where these wires ran through that moved underground.
The other part was legislative, was laws were then passed. Standardization was established where there were enough disasters, enough catastrophes that things needed to change. So there was a technology then that enabled the change and it all kind of fell into place at that point.
We’re still in the “live wires hanging crisscrossed over our heads” stage of this sort of Internet of Things, connected environments, technology. I’m filling in some blanks here. I don’t have insider knowledge, but you have a municipal government that is probably dealing with budget shortfalls in lots of different ways that is probably at best, slightly behind on technology, possibly horribly behind on technology.
Nonetheless, doing their best within the limitations they’re faced with to put a system in place that’s leveraging some of the technology in ways that seem logical and sensible and smart. It’s a catastrophe, clearly, because of what happened, and so after that failure, again in the 1870s, 1880s, a pedestrian getting electrocuted arbitrarily, there’s going to be improvement. There’s going to be change.
A lot of other municipalities looked at what happened in Dallas that night, and they were like, “That can’t happen to us. What are they using? What are we using? How do we avoid it?” Something like this very well could happen again. This isn’t the end of it, but it’s one step in moving from the early days, the Wild West, the almost more sort of tinkering and trusting and just having faith that things will work out into systems that are more sustainable, more resilient. We just aren’t to them yet.
It’s immature. It’s early days, Jon.
Jon:
Yeah, I think the Dallas system, to your point, is an older one, and it clearly has a remote access element to it which very well could be handled via computer, although they were explicit in saying that that system was not compromised, that it was this older system that was triggered by telephone or radio.
Dirk:
They’re all daisy-chained together. I mean, they’re all part of the same system at the end of the day.
Jon:
And that’s what’s very interesting about the Internet of Things because some of these systems are being upgraded with sensors to make them either provide information from the environment they’re in or accept commands from remote inputs. So the promise of the Internet of Things is really to wire up some of your new infrastructure which will have the stuff built in, but also to retrofit your older pieces so that whether you’re running a farm or whether you’re running some manufacturing, you can wire it up and it becomes IoT enabled.
What this shows is that there are lots of gaps where mischievous, malicious people can find ways to create problems when you become reliant on these systems. Not only from the perspective that, “Hey we are starting to really expose some of this so that there are that many more attack surfaces,” but we are also not necessarily keeping track of all the attack surfaces that already exist in these sort of ancient but still functioning systems and especially when it comes to government. There’s discussion about old government computers at the White House that were exposed to hacking.
I can’t imagine what operating systems those things are running on, but it does raise the issue that if you want to create mischief, if you want to create problems, the 21st century, the era of the empowered small group or the empowered individual, it’s upon us, and you have that much more ability to wreak havoc whether it’s something as seemingly benign as the outcome of this Dallas hack or something less benign as people have power cut or some other problem that could come up.
I liked the word you used earlier talking about “resilience.” These systems are not very resilient, so as part of design for IoT and better security, I think it’s important that the systems that we create have multiple backups, whether you’re talking about for this critical infrastructure, or as we consider things like global warming, where even the very foundations of our cities are going to be in trouble because we’ll have that much more flooding or that much more water coming into a city like our city of Boston or our neighbors on the East Coast in New York.
Resilience is sort of the watch word of technology infrastructure for the 21st century in light of hacking and in light of the weather conditions that we’re facing.
Dirk:
I mean the security industry is already one of the largest verticals in software. What was the word you said? The frequency of these dastardly attacks just reinforces that it probably still isn’t enough, that we’re under-investing in security. Look Jon, I mean part of it is decadence, right?
Here in the United States, large parts of Europe, other places around the world, we’re wealthy. We’re comfortable, and we forget the fact that the foundation for a higher functioning civilization begins with security. It begins with safety. With the internet, with all of these different modern communication tools and infrastructures, I’ll call them software infrastructures, we are really lax on the security part because we live in a physical reality of abundance and comfort.
We just kind of take for granted that we can’t really be given the shove, then the ways that we can. We are horribly exposed. I mean we’ve talked in a lot of different ways on the show about this over the years, but I’ve been very cavalier in saying, “Look, I’m certainly not going out there exposing my stuff, but I take for granted that my stuff is out there in a way, where for example, somebody could assume my identity and take all my money.” But I shrug and I say, “Well, you know. I’m participating in this world. I like participating in this world, and the government or the bank will bail me out anyway.”
That is a horribly irresponsible mindset, but it’s the mindset that most of us bring either consciously or unconsciously to our activities in the digital world. The fact is, we’re not safe. We’re not secure. We are exposed. To what degree is that going to cost us our lives or massively impact our lives for the worst? It’s probably not likely, but it could happen. We’re exposed for it, and we don’t seem to care too much.
Jon:
The conclusion I think to all of this is in part at least to begin to understand our reliance on these systems and also that a certain degree of skepticism and resilience is going to be required to navigate going forward, especially when it comes to understanding the possibilities that you’re receiving information but you can’t always believe the information you’re receiving, seems to be the caution that we all have to take.
Listeners, remember that while you’re listening to the show, you can follow along with the things that we’re mentioning here in real time. Just head over to TheDigitaLife.Com. That’s just one “L” in The Digital Life, and go to the page for this episode. We’ve included links to pretty much everything mentioned by everybody, so it’s a rich information resource to take advantage of while you’re listening or afterword if you’re trying to remember something that you liked.
You can find The Digital Life on iTunes, SoundCloud, Stitcher, PlayerFM, and Google Play, and if you want to follow us outside of the show, you can follow me on Twitter @JonFollett. That’s J-O-N-F-O-L-L-E-T-T. And of course the whole show is brought to you by Involution Studios, which you can check out at GoInvo.Com. That’s G-O-I-N-V-O.Com. Dirk?
Dirk:
You can follow me on Twitter @DKnemeyer. That’s @ D-K-N-E-M-E-Y-E-R. And thanks so much for listening.
Jon:
So that’s it for Episode 202 of The Digital Life. For Dirk Knemeyer. I’m Jon Follett, and we’ll see you next time.

No Comments

Leave a Comment

Your email address will not be published. Required fields are marked *

Jon Follett
@jonfollett

Jon is Principal of Involution Studios and an internationally published author on the topics of user experience and information design. His most recent book, Designing for Emerging Technologies: UX for Genomics, Robotics and the Internet of Things, was published by O’Reilly Media.

Dirk Knemeyer
@dknemeyer

Dirk is a social futurist and a founder of Involution Studios. He envisions new systems for organizational, social, and personal change, helping leaders to make radical transformation. Dirk is a frequent speaker who has shared his ideas at TEDx, Transhumanism+ and SXSW along with keynotes in Europe and the US. He has been published in Business Week and participated on the 15 boards spanning industries like healthcare, publishing, and education.

Credits

Co-Host & Producer

Jonathan Follett @jonfollett

Co-Host & Founder

Dirk Knemeyer @dknemeyer

Minister of Agit-Prop

Juhan Sonin @jsonin

Audio Engineer

Michael Hermes

Technical Support

Eric Benoit @ebenoit

Brian Liston @lliissttoonn

Original Music

Ian Dorsch @iandorsch

Bull Session

Designing Deception

March 9, 2017          

Episode Summary

On The Digital Life this week, we discuss deceptive software in light of the recent revelations that Uber used its Greyball application to evade and thwart municipal officials nationwide, who were looking to regulate or otherwise monitor the service. This has a similar flavor to the Volkswagen story from last year, in which the company installed special software in its diesel powered cars to specifically reduce emissions during testing by authorities. What are the ways in which consumers now need to be aware of these deceptive practices? And how should we navigate the marketplace?

Resources

How Uber Deceives the Authorities Worldwide

Bull Session

A Year Talking Tech

December 22, 2016          

Episode Summary

For our final podcast of 2016, we chat about the big themes on the show and our favorite episodes over the past year. We had conversations on design and tech with some wonderful guests including ground breaking geneticist George Church and open science advocate and researcher, John Wilbanks. From AI to genomics to cybersecurity, we covered a wide range topics on The Digital Life in 2016. So what did we learn from a year talking tech?

AI is too smart for its own good.
Artificial intelligence is evolving rapidly, with both high profile public failure and success by a number of tech giants this year. For instance, Microsoft had to terminate Tay, its teenage chatbot, after the bot started tweeting neo-Nazi propaganda and other abusive language at people. Meanwhile, Google’s DeepMind created an AI capable of beating some of the very best human players in the world at Go, the Asian strategy board game. And, we were introduced to a brand new “Rembrandt”, which was 3D-printed with eerie accuracy by an artificial intelligence algorithm, trained by analyzing the artist’s paintings.

Episode 149: Artificial Intelligence
Episode 151: AI Goes to Art School
Episode 163: AI Goes to the Ballpark

DNA replaces silicon as the new material for innovation.
The fields of genomics and synthetic biology continue to press forward in astonishing ways. In Seoul, Korea, a controversial lab revealed plans to clone endangered animals in order to save them from extinction. At the Massachusetts Institute of Technology (MIT) and Boston University (BU) synthetic biologists created software that automates the design of DNA circuits for living cells.

Episode 148: On Cloning
Episode 150: Engineering Synthetic Biology
Episode 154: DNA as Data Storage
Episode 158: Writing Human Code
Episode 168: The Microbiome
Episode 169: Genomics and Life Extension
Episode 170: Chimeras and Bioethics
Episode 176: Three Parents and a Baby

Hacking and cybersecurity are front and center as online and offline worlds collide.
In 2016, cybersecurity became a primary issue in a host of critical areas including communication, energy, and politics. Power grids, airports, and other infrastructure were increasingly subject to cyber attacks and an increasing number were successful. The debate over privacy and security was reinvigorated by the hubbub around the FBI request of Apple to unlock an iPhone owned by one of the San Bernardino shooters. And, Wikileaks distributed e-mails obtained by sources who hacked the DNC and individuals associated with the Clinton campaign during the U.S. presidential elections.

Episode 139: Hacking Power
Episode 144: Apple vs. FBI
Episode 166: Hacking the DNC
Episode 179: Internet Takedown

The automation of work is coming.
We got another startling look at what the future of work could become as software, robots, and the IoT continued to automate activities previously completed by humans. According to preliminary findings of a recent McKinsey report, 45 percent of all work activities could be automated today using technology already demonstrated. From fulfilling warehouse orders to suggesting medical treatments for ailments, the coming wave of automation will redefine jobs and business processes for factory workers and CEOs alike.

Episode 140: Automating Work
Episode 141: Future Transportation
Episode 145: Robot World
Episode 153: Smart Cities and Sidewalk Labs
Episode 173: Labor and the Gig Economy

Design and science are intersecting in new and significant ways.
Whether it’s in the creation of high tech clothing, embeddables, or materials, design and science are coming together in new and significant ways. Clothing designers are working with multi-disciplinary teams, integrating input from engineers and synthetic biologists into their work. From 3D-printed couture to scarves dyed with bacteria to textiles grown in the lab, emerging tech is creating rapid innovation in the fashion industry. And this year, in the burgeoning world of designing embeddables, the U.S. Patent Office approved Google’s patent for electronic lens technology, which implantable directly in the eye. These mechanical eyes might give you superhuman abilities — to see at great distance or view microscopic material, and document it all by capturing photos or video.

Episode 143: Clothing and Technology
Episode 155: Designing Embeddables
Episode 161: The Future of UX
Episode 171: Embeddables
Episode 172: Quantum Computing

Bull Session

Internet Takedown

October 27, 2016          

Episode Summary

On The Digital Life podcast this week, we discuss the distributed denial of service attack (DDoS) that took down the Internet on the East Coast for a sustained period of time last Friday. Dyn, a Domain Name System (DNS) services company from New Hampshire was hit with multiple waves of attacks on its Internet directory servers.

This DDoS attack was propagated by an IoT botnet — essentially webcams, DVRs, and routers from all over the world — that were infected with malware. This is a very public example of an IoT outcome that was malicious rather than beneficial, an interesting case study for this emerging technology that raises serious questions about its future implementation.

 
Resources:
What We Know About Friday’s Massive East Coast Internet Outage

Bull Session

Hacking the DNC

July 28, 2016          

Episode Summary

This week on The Digital Life we discuss cyberwarfare, propaganda, and the release of the DNC’s e-mails on WikiLeaks, but what some security experts have indicated to be Russian hackers.

Small groups of technologically empowered people are shaping our digital world in new ways. We’ve heard about the creative class of knowledge workers who leverage digital technology to build new things. These destructive actors are, in many ways, their polar opposite.

 
Resources:
Clinton campaign — and some cyber experts — say Russia is behind email release