Critical infrastructures, cyber crime
Hiding behind a black box and hoping no one hacks it has regularly been shown to be unwise and less secure.
August 15, 2023
•
,
2 minutes. Light
We read about hacker attacks on law enforcement radio systems, then attended the Black Hat session and wondered about the motivation for this type of attack. Years ago, and probably always at DEF CON, breaking everything was a priority, maybe just for lolz. But the antennas of nation-states will almost certainly be raised with this news. Expect more attacks soon, the kind you may not have heard of.
Attacks against critical infrastructures
Years ago we were asked whether the first attacks on critical infrastructure were just one-off incidents or whether we could expect to see more of them. Then everyone understands that the threat is real, especially for ideologically motivated attackers, as in wartime operations.
Ransomware was a natural extension, but it poses a different question regarding domestically motivated attackers who simply want to gather information undetected for as long as possible. By extension, the question also arises of who is already sitting in law enforcement networks.
Legacy networks used in many strong communications environments are expected to function – even in natural disasters – for decades, just like dams, water treatment plants and the like. They are more concerned with reliability, but much less with security. Even if their security suddenly took center stage, it is not obvious that these systems have the capabilities to meaningfully implement security at any significant level, especially older legacy systems.
Reluctant sellers
One of the speakers cited the general reluctance on the part of the crew of proprietary Tetra radio systems to use anything other than proprietary encryption, which the speakers have broken in several ways. The European Telecommunications Standards Institute (ETSI) thought so. have dark, proprietary encryption seemed much safer than using an open and largely vetted algorithm, even if presented with more weaknesses.
During the talk they also presented evidence that nation-states had previously shown a lot of interest, and perhaps access, to Tetra-based equipment in national security contexts, so this is nothing new, just murky.
One of the obstacles preventing researchers from taking a look at the equipment is the extreme reluctance of hardware vendors to gain access to hardware and software. Not many researchers have the budget for the expense large sums to have a chance to prove there are problems, so they don’t. This means that only nation-states – those with the greatest potential interest – would be sufficiently motivated… but it is likely to exploit, not solve.
Furthermore, with the more and more chilling The global environment surrounding the export of technology that could be used by a future enemy is chilling effect on the ability and likelihood of better encryption being widely used (since Tetra radios are pretty much everywhere globally in some form) due to export restrictions, which could further reduce future security.
Part of Black Hat is about studying to understand problems so they can be solved, thus helping us all be safer. Hiding behind a black box and hoping no one hacks it has regularly been shown to be unwise and less secure; We hope that the emergency communications workers we all rely on for support during critical events are not just unwitting victims.