Foreign Policy Blogs

Hey, Who Turned The Lights Out?

I get pretty irritated with the CyberWar Hysteria sometimes. The logic of alarmists goes something like this:

1) “Oh Noes there are Bad Haxors out there who break into computers!!”

2) “Computers are buggy and have problems and really get hacked!!!”

3) *crickets*

4) “EXPLOSIONS, MASS DESTRUCTION AND DEATH ARE COMING!!!1!11!”

It is genuinely hard to find examples of meatspace impacts from online hacking. Most frequently suggested is the power grid: the systems are complex, incredibly creaky, and computer controlled. This may have happened (but probably didn’t) in Brazil.

That scenario took an interesting turn towards plausibility recently; some very clever USB-driven malware targeting grid control systems has been found. There’s no obvious reason to target these systems except to try and do something nasty to the grid.

Cyberwarriors are one group who may be to blame for this; clever criminals are another.

However clever the techniques to execute the attack, the vector is hilariously trivial: factory default passwords.

That’s right, the computers controlling the critical infrastructure of our nation’s power supply have default passwords they ship with, and for the baddies to be successful they’re relying on the fact that these have not been changed.

A good reminder that sometimes the biggest threats are the most elementary mistakes.