A new report makes the damning claim that nuclear power plants around the world have an “element of denial” about the risks of cyberattacks and are ignorant of their inherent cybersecurity flaws.
Cybersecurity risks concerning nuclear facilities are on an upward scale. The growing risks are due to the increasing reliance on “off-the-shelf” software that helps in cutting costs but are a lot easier to hack, according to a new report by London-based NGO Chatham House.
The report expanded on a number of threats overshadowing nuclear installations and found industrial, cultural and technical challenges facing nuclear facilities on a global scale.
The full report [...]
Perhaps the most important role in security research is breaking security, and that’s what the researchers at Tel Aviv University’s Laboratory for Experimental Information Security are up to with their recent forays into electromagnetic attacks.
The new research resembles a more advanced and applicable version of earlier research done in Israel, discussed previously here at Hacked. Rather than simply being able to intercept keys being pressed and data being entered into the system, as researchers were able to do even with air-gapped computers months back, this new exploit will allow the researchers to actually figure out the [...]
A fairly common set up for air-gap security, the set up which cuts a system off from all networking on a permanent basis, is to have air-gapped computers near regular workstations so that they are easily accessible. For a long time, the common wisdom has been that this is the only way to be truly secure from remote attacks. Local attacks, where the hacker would have direct, physical access to a computer, are still possible with an air-gap, but physical security often compensates for this.
Security professionals have said for years that the only way to make a computer truly secure is for it to not be connected to any other computers, a method called airgapping. Then, any attack would have to happen physically, with the attacker actually entering the room and accessing the computer that way, which is incredibly unlikely. In the case of computers containing highly sensitive information, additional, physical security can always be added in the form of security guards, cameras, and so on.