The latest security threats could be happening above our heads

Security roundup: Cyber threats from drones, plane Wi-Fi hacks, system risks from IT pros

This week we take a look at how drones could be the next cyber threat – and more – in our security roundup.

A drone laced with radiation which landed on the roof of the Japanese Prime Ministers’ office could just be the tip of the iceberg, says a British cyber security company.

Sam Temple, managing director of cyber security company JUMPSEC, said: “This incident raises serious questions about the use of drones for terrorist or criminal activity.”

He added: “In this case the drone carried a bottle of water contaminated with the radioactive element caesium. There are reports that the drone was marked with the radioactivity warning sign, prompting speculation that this was a hoax or public stunt by anti-nuclear protesters. Whatever the reason, it is clear that the threat posed by drones is increasing; indeed this incident could be the tip of the iceberg.”

The FBI has also issued a warning about potential security issues in the air, but rather than drones, it’s warning that some passengers maybe be able to use on-board Wi-Fi networks to access a plane’s controls.

“The fact that the FBI has issued an alert to airlines over Wi-Fi hacking is a stark warning of the emerging risks we face as the world we live in becomes increasingly connected. However, it’s important that such warnings are not taken too literally, as currently such threats are purely theoretical,” said Andrey Nikishin, head of future technology projects at Kaspersky Lab.

“It’s easy to assume that an intruder with a laptop can easily seize full control of a plane. However, in reality, it’s not that simple. In a modern passenger plane, the AFDX network (which transmits the avionics data used to control the plane), is isolated from the passenger network by a firewall. However, in theory, an attacker might succeed in influencing the data coming from the health monitor, navigation or weather report systems. While this would require familiarity with the relevant protocols and an understanding of the data formats involved, it’s possible.”

Elsewhere, Netwrix has released the results of its 2015 Stat of IT Changes survey, which revealed that two out of three IT pros put systems at risk of downtime and security violations.

“Human factor is the key to informational security and its pain point at the same time,” said Alex Vovk, president and co-founder of Netwrix.

“No matter how advanced the security policy is, people still make mistakes and from time to time misbehave, putting overall system security and business continuity at risk. In this case, automated auditing processes can help companies keep their IT systems under control and make sure that any deliberate or accidental changes will be detected and addressed properly to eliminate the risk of a data breach.”

In other news
Kroll Ontrack has found that nine in then SQL restore requests come from human error, meaning that DBAs are spending numerous hours every month dealing with requests that could’ve been avoided.
F-Secure has launched Freedome for Business to help businesses secure BYOD and company-owned fleets of mobile devices.
Mailprotector has discovered that businesses lose more than £34,000 a year on managing unwanted email.

Image source: Shutterstock

Check Also

Salt Security strengthens CrowdStrike partnership with new integration

Salt Security has expanded its partnership with CrowdStrike by integrating the Salt Security API Protection …