Cybersecurity

Your refrigerator is safe from cyberattack ... for now

cars

As more and more cars become network-connected, they will also become vulnerable to hackers who could take enough control to do everything but steer. (Stock image)

Think about this next time you're commuting to work or putting those left-overs away in the refrigerator: In the very near future, Internet-connected vehicles and kitchen appliances could become targets for malicious cyber-terrorists.

The Center for Automotive Embedded Systems Security (CAESS) has already shown it's possible for a remote user to take near-complete control of a vehicle through vulnerabilities in its telemetric systems, via a device connected to its onboard diagnostic systems, or even through malware embedded in MP3s.

It's scary stuff, according to Randy Garrett, a program manager for the Information Innovation Office at the Defense Advanced Research Projects Agency (DARPA), and more evidence that cyber-security challenges in the future will dwarf those of the past.

"Up until five to 10 years ago, there was no danger of someone remotely taking over your car – now somebody can take it over" and do everything but steer it, said Garrett, speaking at the Federal Cloud Computing Summit in Washington, D.C., on May 30. In separate CAESS studies, remote attackers proved they could gain access to a vehicle's integral systems, including its brakes.

The danger doesn't end in the driveway. Microwave ovens, dishwashers and other kitchen appliances are increasingly connected to the Internet. A hacker could feasibly remotely adjust a microwave's heat settings, Garrett said, though he is unsure what these new threats – some clearly greater than others – will mean going forward.

He referenced the growing importance of the "Internet of Things," a concept coined in the late 1990s that describes a world in which physical objects have virtual identities and the ability to rapidly capture and disseminate data without human interaction.

The heart of the Internet of Things is exponentially increased data production by machines, sensors, computer systems and people. DARPA, for example, studies data from sensors on aircraft. In the near future, Garrett said, that data will be meshed together with other datasets – perhaps social media or geospatial data – to produce high-value insights. It is already clear that such data sets would have significant importance in national security.

The tradeoff to these increased capabilities, though, is a new set of dangers – many of which have not yet been conceptualized, at least not publicly.

"There are many things we can do with this increased data," Garrett said. "From DARPA's standpoint, there are dangers we never had before. It makes you wonder what kind of world we'll have."

About the Author

Frank Konkel is a former staff writer for FCW.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Wed, Jun 5, 2013

Can someone explain to me the value of having my appliances connected to the internet?

Wed, Jun 5, 2013 John Schrader DC Metro Area

The potential for harm in the "internet of things" is real. However, it is a choice. Unlike the rules and laws of physics which govern air, land, sea and space, the cyber arena is defined by rules we CHOOSE to implement. So we are hung by our own petard if we complain that the gains from interconnecting things is balanced by the vulnerability we introduce to our systems. There are real and tangible effects that can be perpertrated through cyber means far beyond the investment needed to make them. So what are we choosing to connect and why? The headlong rush to connect everything seems devoid of the questioning and deliberateness of the most important work...WHY.

Wed, Jun 5, 2013 EricE

I look forward to explaining to my family how to set up a second, secure network for all their appliances :p Or Symantec Antivirus for Kitchens. Lovely.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group