Cyber security and hacking insulin pumps

Expert’s estimate: the cost of causing the collapse of the internet globally would be around $100 million.

Petr Matějček | 11.08.2011

“A load of blogs and fat people wanting to have sex with you,” was how US comedian Richard “Lowtax” Kyanka described the internet just a few years ago. But the world-wide web today is much more than a circus of oddities formed from ones and zeros. We use the internet to work, communicate, to shop and pay bills, to archive… Slowly but surely it has become the backbone of our society.

Over the past five years the computer networks of governments, global corporations, NGOs and all sorts of other institutions have been infiltrated by hackers; state secrets have been exposed, contracts, email archives and studies have been erased. The magazine Vanity Fair is proposing naming 2011 Year of the Hacker. Television commentators speak about the internet as the possible starting point of a third world war, cyber security has become a multibillion dollar business and people everywhere have come to realize just how vulnerable the young technological organism really is.

Blackout for $100 million

“Rather than sending an expensive bomber plane somewhere, today you’d do better to put a computer on a table and get a talented The question is whether we in this country are paying sufficient attention to the threatyoung lad to sit in front of it. The cost of bringing about the collapse of the internet globally is estimated at around $100 million. Attacks are increasing. At the Lisbon Summit [of EU leaders in 2010] the threat of cyber attacks was put on the same level as weapons of mass destruction,” Aleš Špidla, author of the Strategy for Cyber Security of the Czech Republic for 2011 – 2015 and former director of the Ministry of Interior’s department for informational and cyber security, told Czech Position.

In a recent report the US computer security firm McAfee lists more than 70 victims of cyber attacks in 14 countries including Hong Kong, Germany, Denmark, India, Switzerland and Japan. The Czech Republic is not on the lists – at least not for now.

Nevertheless, the internet hardly recognizes national borders and Czech cyberspace is no less vulnerable than any other; the question is whether we in this country are paying sufficient attention to the threat. According to an old saying, if you throw a frog into boiling water, it will jump out, but if you heat it up in the water the amphibian will boil without complaining. And that may be the fate that awaits Czechs: “Unfortunately we’re a people who are used to reacting only when something goes very wrong, and I’m afraid this is exactly what’s in store for us.” Špidla warns.

Aleš Špidla, author of the Strategy for Cyber Security of the Czech Republic for 2011 – 2015

A recent survey conducted by Google and Boston Consulting Group shows just to what degree the internet has become an integral part of our society and central pillar of the economy. According to the report, in 2009 the internet in the Czech Republic generated an estimated Kč 130 billion which accounted for 3.6 percent of GDP – a higher percentage than in most other central and east European states. That’s more than traditional large sectors such as banking, telecommunications and agriculture.

Currently the internet industry in this country provides around 25,000 fulltime jobs and wages amounting to a total of approximately Kč 200 billion. Some 6.5 million Czechs are connected to the internet and according to estimates the sector in the Czech Republic is growing at around 12 percent annually. At this rate it will account for 5.7 percent of GDP in 2015.

“Now our dependency is already total. And when the time comes when it could collapse, it will be very bad,” Špidla says, adding that the government should focus on critical infrastructure, i.e. electricity and the grid, the gas network, the health system and other sectors of prime importance.

Virtual threats – real consequences

“Today, if I wanted to rob a bank I would first hack into the traffic control system and set all the traffic lights to green. When you see me going fast on a bike with a rucksack on my back, you’ll know I was successful. And that’s the basic principle: cause chaos in one place and do damage in other. That assassin in Norway even used this [principle]. Unfortunately our dependence on the internet and communication systems lends itself to this,” Špidla says. Even the human body could become a battlefield in cyber combat

Špidla names Russia’s invasion of Georgia in 2008 as an example of a state effectively using cyber warfare: “They [Russians] started by inundating [Georgia] with irrelevant information, communications between the government army and citizens were plunged into chaos, the system collapsed and the Russian tank crews just whistled as they entered the country.”

Another example of a major cyber threat was the Stuxnet worm last year – the first virus designed to take control of and then sabotage an industrial system. It managed to attack 45,000 computers before it was identified. The target of the attack was most likely the Bushehr nuclear power plant and the Natanz uranium enrichment facility in Iran. The level of sophistication of the virus led experts to conclude that the virus was developed by professionals in the military.

“When Stuxnet appeared it was said that one of its functions could be that when it infiltrated a nuclear plant, it would give the technicians information that everything was functioning normally, but would cause the reactor to explode behind their backs,” Špidla says of the Stuxnet virus.

Even the human body could become a battlefield in cyber combat: At this year’s Black Hat conference in Las Vegas, computer security expert Jay Radcliffe explained how he had developed his own program to control his insulin pump. “First I said to myself that from a technical point of view it’s great. Then I realized that the system which was actively keeping me alive isn’t at all safe, then it didn’t seem so great,” Radcliffe told the media.

Show comments

Popular content