The Heart And Core Of All We Do, Is Chip Based.
The Computer Is Not As Safe As You Think!
By Nick Ashton, CEO/CTO CommSmart Global Group of Companies
Updated: This information has just been released by the FBI
I talked about how hackability of any transportation system is more than possible. This was brought about by the disappearance of the Malaysian Air MH370.
A client in transportation asked us the feasibility of such an event, knowing we fully understand both the security and hackability of computers. When you are the leader in end to end secure communications, you must under stand the good, bad and ugly capabilities of computers and their vulnerability.
A client in transportation asked us the feasibility of such an event, knowing we fully understand both the security and hackability of computers. When you are the leader in end to end secure communications, you must under stand the good, bad and ugly capabilities of computers and their vulnerability.
Do not expect me to describe how this is done!
My background is not just computers, terrorism has played a large part in my life, or should I say, counter-terrorism. It is the mind-set of these cyber and violent individuals, their reasons that are similar and connected in nature.
When we saw how fanatical the pilot was in his simulator of the 777 in his house, you know this was not just a regular guy.
It is a fact that TRUSTED REMEDY protects all end to end data in motion and is required by all that have security issues.
I brought this up with a City we are in conversation and finalizing them using TRUSTED REMEDY. This will ensure all their data is to be secured and the residents personal information will not be compromised, that includes their online/direct bankcard payments. In fact very forward thinking in showing concerns for their city and citizens.
All companies need to review their computer protection and that includes one industry we all use, banking! More data in motion is used by retail and banks in the transactions of payments that you can imagine. KEYTALK will secure it solidly!
Here is the story we wrote on the Malaysia plane incident:
Hackability Of All Computers Is Not Pie In The Sky!
By Nick Ashton, Founder, CEO,
Tracometry Group of Companies.
On
receiving a phone yesterday and being ask about the possibility of hacking or
phishing an aircraft on-board computer system, we thought for blip and stated, “Of Course It Can!”
A computer
is a computer, is a computer! The
question came from a client who is in an industry that has computer aided
devices and wanted to know, if hacked, could the operation of said devices be
controlled by someone else.
Of course it can.
We saw on the
NBC Today Show how they hacked a Prius and took total control, of
acceleration, braking, steering, airbags, in fact anything that was connected
via the onboard computer. I know this
not what you want to hear.
The
question was asked because of the disappearance of the Malaysia flight MH370 on
a journey from Kuala Lumpur to Beijing.
This is a total mystery and is a concern to all.
We have no
knowledge of what has happened, but we have logical questions and offer no
solid answer, only possibilities, which in turn, need to be addressed by all manufacturers
of devices that they have on-board or are computers.
All
aircraft such as Boeing 777 has a full computer server installed and runs all
functions of the aircraft. By hacking the
said aircraft servers, this might enable the exploitation of the network
security vulnerabilities and increased risks potentially resulting in unsafe
conditions for the aircraft and passengers.
This potential exploitation of
security vulnerabilities may result in intentional
or unintentional destruction, disruption, degradation, or exploitation of data
and systems critical to the safety and maintenance of the aircraft.
As you can
appreciate we understand these things because of our business in analytics and data on the move protection. We decided to dig a little deeper and the
team started the research with our unpaid staff member, Google.
With only four words in the search box, we
found lots of information and it only took us to page two of the search and we
came across something that was and is, extremely concerning.
A federal
register document:
FULL TITLE:
Special Conditions: Boeing Model 777-200, -300, and
-300ER Series Airplanes; Aircraft Electronic System Security Protection From
Unauthorized Internal Access
EXCERPT:
Discussion
The integrated network configurations in the Boeing
Model 777-200, -300, and -300ER series airplanes may enable increased
connectivity with external network sources and will have more interconnected
networks and systems, such as passenger entertainment and information services
than previous airplane models. This may enable the exploitation of network
security vulnerabilities and increased risks potentially resulting in unsafe
conditions for the airplanes and occupants. This potential exploitation of
security vulnerabilities may result in intentional or unintentional
destruction, disruption, degradation, or exploitation of data and systems
critical to the safety and maintenance of the airplane. The existing
regulations and guidance material did not anticipate these types of system
architectures. Furthermore, 14 CFR regulations and current system safety
assessment policy and techniques do not address potential security
vulnerabilities which could be exploited by unauthorized access to airplane
networks and servers. Therefore, these special conditions are being issued to
ensure that the security (i.e., confidentiality, integrity, and availability)
of airplane systems is not compromised by unauthorized wired or wireless
electronic connections between the airplane information services domain,
aircraft control domain, and the passenger entertainment services.
For the reasons discussed above, these special
conditions contain the additional safety standards that the Administrator
considers necessary to establish a level of safety equivalent to that
established by the existing airworthiness standards.
So, back in
August, 2012 Boeing applied to make changes to software onboard the
aircraft. I will not bore you with all
the detail here. You can go to the
Internet and review for yourselves.
https://www.federalregister.gov/articles/2013/11/18/2013-27343/special-conditions-boeing-model-777-200—300-and—300er-series-airplanes-aircraft-electronic-system
It states right at the outset of the
document:
The proposed architecture is novel or unusual for
commercial transport airplanes by enabling connection to previously isolated
data networks connected to systems that perform functions required for the safe
operation of the airplane. This proposed data network and design integration
may result in security vulnerabilities from intentional or unintentional
corruption of data and systems critical to the safety and maintenance of the
airplane. The existing regulations and guidance material did not anticipate
this type of system architecture or electronic access to aircraft systems. Furthermore,
regulations and current system safety assessment policy and techniques do not
address potential security vulnerabilities, which could be caused by
unauthorized access to aircraft data buses and servers.
In simple
terms why have we not covered this and made changes to protect the aircraft and
passengers? Now we are allowing Internet
on aircraft! I mean, the knowledge of
hacking, phishing and brutal attacks has been around in one form or another for
a lot of years. After all, KEYTALK
has been protecting data on the move for over twenty years plus, so someone had
to know!
The door is
wide open on any computer system for compromise and serious consequences. Not just the hacking of Target, who were the bull’s-eye
for being the center of customer data and information theft of up to 140
million records of their customers.
Can this be rectified
quickly, effectively and not cost prohibitive?
YES!
It is all about a secure connection. We are using passwords for this, passwords
for that, pin numbers and they are all created by humans. Created by humans and stolen by lowlife
humans!
Our philosophy is simple, make the device (Server,
Desktop PC/Mac, Laptop, Tablet or Smart Mobile Phone) the access
point. The devices DNA is the Key, hence TRUSTED REMEDY.
We create a bomb-proof tube that is the connection, all data in motion that travels is 100%
secure. The log on is a short lived
certificate, which is encrypted beyond the normal encryption level used in government
or banking. Once verified, it becomes a
direct connection to do its business.
Nothing of this connection, once completed, is left on the originators
device whatsoever.
Corporations can use this for BYOD (Bring Your Own Device)
with the security that pleases even the IT Department. In fact, you can use this connection via a hotel
or public hotspot without being seen whatsoever.
Anonymously sending information and the
hacker has no idea that you are doing so.
So, today we talking with our client to expand his usage
and you, can also call us and understand that we have the answer.
Worldwide Call: +1 (614) 655-1247
Email: INFO@COMSMART.US
Copyright 2015
