Below is a timeline of over 50 historic cyber-kinetic attacks, system malfunctions and key researcher demos targeting cyber-physical systems (CPS), Internet of Things (IoT) and Industrial Control Systems (ICS) resulting in kinetic impacts in the physical world. I tried to select only those that were first-of-the-kind or that significantly increased general awareness about a particular type of an attack or incident.
The World of Cyber-Physical Systems and the Rising Risk of Cyber-Kinetic Attacks – Chapter 1 of Cyber-Kinetic Attacks bookMarin Ivezic -
(This is the first chapter of my upcoming book Cyber-Kinetic Attacks) We live in a world in which the way we observe and control it is radically changing. Increasingly, we interact with physical objects through the filter of what computational systems embedded in them tell us, and we adjust them based on what those systems relate. We do this on our phones, in our cars, in our homes, in our factories and, increasingly, in our cities. Physical objects are so interconnected that we simply take those connections for granted, as if being able to unlock your car by pushing a button on your key fob, unlocking it with your phone or even by walking toward it is the way car locks always worked. This interconnectedness offers us capabilities that exponentially exceed the expectations of science fiction writers and futurists of past generations. But it also introduces disquieting possibilities. Those possibilities reach beyond cyberspace to threaten the physical world in which we live and – potentially – our own physical well-being.
Western publications often picture the People’s Democratic Republic of China (hereafter China) as the world’s chief propagator of cyberattacks. But the picture is much more complex than such broad-brush claims suggest. Few Westerners realize that China and its neighbours in the Greater China region (Taiwan, Macau and Hong Kong) have, over last few years, became the most technologically advanced region in the world – ahead of the West in the adoption, and in many cases even in the development of advanced technologies. Countries in the region were always close to the top of the list of victims of cyberattacks. Factors, such as internal hacktivism and cybercrime perpetrated by the rapidly growing technologically savvy segment of the population and their legion of wannabe hacker apprentices have propelled cyberattacks on the region firmly to the top of that list. Rapid adoption of new technologies without adequately addressing cybersecurity issues only exacerbates the problem. The Greater China region has adopted these technologies aggressively. Yet, in their rush to adoption, enterprises in the region have largely lagged the rest of the world in addressing cybersecurity.
You may have heard, over the last year or two, about the new technological miracle that is the blockchain. It seems that every banker, insurer, manufacturer, artist, lawyer and cybersecurity professional is shouting about blockchain from the highest peak and telling us how it will be used to secure everything against anything for all time, additionally removing those embarrassing blemishes from our skin and freshening our breath at the same time. Clearly some large portion of the blockchain-related content we see in the media is hyperbolic, at best, but it is an important technology nonetheless. Let's take a look at some of the realities of what we can and cannot do with blockchain in relation to cybersecurity.
Below is my attempt at tracking all published IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know. List of Internet of Things (IoT) Security Guidelines, Frameworks and Standards by Marin Ivezic is licensed under a...