The Cascade Effect

GostHacked · August 2, 2019

I've been using this term to describe technology for a few years, specifically talking about how things are going to fail. The more things are connected, the more problems on a large scale you are going to see.

I am going to use modern cars as an example.

https://www.ctvnews.ca/autos/new-cars-vulnerable-to-hacks-that-could-leave-thousands-dead-report-1.4534027

Quote

A consumer advocacy group has warned that automakers are rolling out new vehicles increasingly vulnerable to hackers, which could result in thousands of deaths in the event of a mass cyberattack.

In a new report entitled "Kill Switch: Why Connected Cars Can Be Killing Machines And How To Turn Them Off," Los Angeles-based Consumer Watchdog said cars connected to the internet are quickly becoming the norm but constitute a national security threat.

"The troubling issue for industry technologies is that these vehicles' safety-critical systems are being linked to the internet without adequate security and with no way to disconnect them in the event of a fleet-wide hack," the report said.

Imagine needing anti-virus and firewall protection for your car when it is connected to the grid. Same for your home. And the more things are connected more, the less privacy and security you will actually have. Your smartphone is already proving that.

I deal with IT stuff every day and I see these kind of issues daily. One service goes down, but it is connected to some many others and those services are affected. It's all this cloud technology. The tech is also advancing at an alarming rate and we have barely wrapped our heads around what we got and how vulnerable it is.

The transport companies currently using a lot of this technology are at risk of these hacks and wide spread issues and outaged. A good friend of mine showed me how connected transport trucks are and it's staggering. Now mind you the tech really is to monitor the vehicle (grabbing 300 different datapoints) but they will be the first to go fully automated before cars and such.

The other issue is the liability. Who is to blame when this tech fails or someone hacks it and people die? What happens when an automated truck fails , plows through other vehicles killing many people. Sure the risk is there with a human driver, but instead of one truck, all of the interconnected vehicles can all fail at the same time.

We see large hacks all the time on banks and such, 106 million accounts from one bank recently.

An outage on Amazon's servers have caused Youtube, Google, and Facebook outages.

A glitch in the system at an airport can make it come to an instant halt, no one is landing, no one is taking off.

It's very concerning.

eyeball · August 2, 2019

So there's no hope that some benign Mom-like AI will just take over and keeps us all safe and make everything alright or is that too much like science fiction? I have to say some of the sci-fi I read in the past along these lines seems quaint in comparison to the future that is unfolding before us.

With our luck and given how we seem to like governing ourselves our Mom AI will probably be more like this,

Image result for Blues Brothers Penguin

OftenWrong · August 3, 2019

23 hours ago, GostHacked said:

The transport companies currently using a lot of this technology are at risk of these hacks and wide spread issues and outaged. A good friend of mine showed me how connected transport trucks are and it's staggering. Now mind you the tech really is to monitor the vehicle (grabbing 300 different datapoints) but they will be the first to go fully automated before cars and such.

It's very concerning.

Rather like a domino effect when it happens. Imagine hackers release a virus that affects the whole network, in such a way that cars go completely amok.

CAN-bus systems, or similar are commonly used to control complex machines such as vehicles. Each CAN node is a small remote terminal unit that communicates with the main program. It is two-way communication. If the communication fails in any way, the CAN-node is capable of running its own program independently. Not that it can necessarily drive a car on its own but it goes to the default state of the program, which can be as simple as stopping all vehicles. But you are right that it will pose a security risk and create another technology war. For humans, it shall ever be thus.

GostHacked · August 5, 2019

On 8/3/2019 at 10:18 AM, OftenWrong said:

Rather like a domino effect when it happens. Imagine hackers release a virus that affects the whole network, in such a way that cars go completely amok.

CAN-bus systems, or similar are commonly used to control complex machines such as vehicles. Each CAN node is a small remote terminal unit that communicates with the main program. It is two-way communication. If the communication fails in any way, the CAN-node is capable of running its own program independently. Not that it can necessarily drive a car on its own but it goes to the default state of the program, which can be as simple as stopping all vehicles. But you are right that it will pose a security risk and create another technology war. For humans, it shall ever be thus.

Domino, cascade.. yes. It's the interconnected and interdependent services that all talk to each other at the same time to provide the ease of data transfers. Cloud technology is nice and easy, but damn so many risks and it gets connected to a lot of other things.

Some systems should be 100% isolated, but are not. Crypto viruses have been the most effective form of cyber-terrorism that I have seen recently. And the only way to get back up is to restore from back ups (what you did not do any back ups?) . City of Ottawa got one, they paid over 100Gs to the hacker and I am not sure if they got their data restored. Johannesburg in South Africa has their water system targeted and that caused a good amount of havok. Not sure if that was ever resolved.

I've dealt with crypto viruses for about the last 3-4 years and since it was introduced, for my work we developed a quick restore process for our clients that get crypto. Saving our clients their business and lots of money at the same time.

https://www.sciencedirect.com/science/article/pii/B9780124104914000051

This used the blackout of 2006 in the east part of North America. A simple failure in how a power pant handled a certain event led to the power being out for at least 4 days and at the most from what I heard two weeks in some areas. And after the last 13 years, systems have been way more interconnected than they need to.

Michael Hardner · August 6, 2019

This is a safety issue, and as such we are as safe as the systems sent up to protect us.

Government probably should have a role, but it's not a cure-all to have them involved either. The more cooks in the kitchen, the more complexity, the more leaks, the more potential for error.

GH, you have pointed out a new angle I haven't thought of. We are already at risk, IMO, with our pervasive use of a small handful of services such as Amazon, Google Cloud, and MS Azure. The so-called grid could conceivably be held ransom and it would be more effective than any nuclear threat ever was.

GostHacked · August 7, 2019

18 hours ago, Michael Hardner said:

This is a safety issue, and as such we are as safe as the systems sent up to protect us.

Government probably should have a role, but it's not a cure-all to have them involved either. The more cooks in the kitchen, the more complexity, the more leaks, the more potential for error.

GH, you have pointed out a new angle I haven't thought of. We are already at risk, IMO, with our pervasive use of a small handful of services such as Amazon, Google Cloud, and MS Azure. The so-called grid could conceivably be held ransom and it would be more effective than any nuclear threat ever was.

Some government action needs to happen as much as I am against it. We have a technocracy where these tech giants are having more of an impact on our lives than the Government. And the government is one of the problems where it cannot afford to adapt much of the new tech to understand the impact it would have. And when they do implement new things without thorough testing. Canada's Phoenix pay system is a good example of that.

Let's hope that critical systems of a nuclear power plant are isolated. Stuxnet might have been one of the earliest versions of ransomware.

https://www.fortinet.com/blog/threat-research/lockergoga-ransomeware-targeting-critical-infrastructure.html

Quote

Discovered early this year, LockerGoga is a new ransomware family that has been detected attacking industrial companies, severely compromising their operations. The file-encrypting malware’s entrance to the scene began when it was allegedly involved in attacking an engineering consulting firm based in France. Just two weeks ago, it made headlines again for crippling the operations of the an international manufacturer. And shortly thereafter, two American chemical companies were also reported to have been hit by the same malware.

At the moment, there are very limited details as to how this malware got into their systems, but there seems to be a high possibility that the campaigns were targeted and conducted in a multi-stage scheme. Building on that premise, the fact that the malware’s execution needs administrative rights suggests that the attackers had previously gained high system privileges in an earlier stage of the attack.

Couple this with social engineering to find a possible insider to compromise.

There are many different methods to take certain systems down now. And much of that can be done remotely.

There is a reason I have an issue with much of this smart home technology. It faces the same risks. And when some of these devices depend on external services they will be unusable when those supporting systems go down. We've become super dependent of a lot of this new tech.

https://www.nature.com/articles/srep44499

This article seems to argue for more interdependence between systems, but I see that as a flaw overall. The article touches on weather events, cyber terrorism, and power spikes. But still seem to point to the notion that there is a large risk of a cascade event.

https://phys.org/news/2018-05-failures-power-grids-dynamically-cascades.html

Again, power grid.

https://www.technologyreview.com/s/423907/failure-cascading-through-the-cloud/

Now this is back in 2011. Systems are more robust making cloud technology quite reliable these days. But outage events happen all the time. I use many cloud systems for IT administration and some of them are connected or dependent on each other. If one system is down, then others can be affected. It's the reason you can't log in at that time, your transaction cannot be completed, your hotel booking got cancelled or changed.

I guess the most vulnerable systems physically and technologically is the power grid. And if you take that down, everything else comes to a stop eventually.

So there are many entry points that can cause one of these failures. Many corps are simply not up to date with tech that will help protect themselves and only upgrade when something major happens. There are a few that will be on top of that as much as they can, but the technology is advancing at an amazing rate and it's expensive to keep up.

..

Let's go with a cyber attack on Walmart and it's supply chain getting taken down by some ransomware or computer glitch. Let's say it takes 1 week for them to resolve it. What kind of impact does that really have? Everything from suppliers not being able to move/sell their stuff. Walmart warehouses and stores can't take orders and/or make deliveries. How many suppliers globally does Walmart have? The bigger the company the bigger the bigger risk of one of these events.

GostHacked · August 19, 2019

Hacks can cause these types of scenarios as well..

https://www.bbc.com/news/technology-49393479

Quote

Officials did not release specific details of the affected departments or say whether the cyber-criminals had specified a ransom amount.

Ransomware is a type of malicious software that cyber-criminals use to disable a computer and its data until a ransom is paid.

Hackers have targeted a number of US states this year, paralysing government computers in New York, Maryland and Florida.

In May, hackers seized control of thousands of government computers in Baltimore.

The attack disabled email accounts and prevented online payments to city departments for weeks

Take out a city's ability to operate and you have a decent problem on your hands.

eyeball · August 20, 2019

1 hour ago, GostHacked said:

In May, hackers seized control of thousands of government computers in Baltimore.

The attack disabled email accounts and prevented online payments to city departments for weeks

The article above notes that Baltimore has been "long plagued by dysfunction" which probably contributed to its vulnerability. That should be the first heads up and clue to any other jurisdiction looking to prevent this, same as any individual who isn't exactly on the ball I suppose. I get how things could cascade and affect entire cities or worse but it also seems hackers are focusing on picking high-hanging corporate and government fruit where the payoff is apparently worth their risk. Hopefully individuals aren't as tempting.

Whatever happened to ethical hackers, shouldn't there be some super-hero like band of stalwarts keeping us safe from this sort of thing or do we have to wait until some AI threatens to hack the whole freakin' interconnected shebang and turn us all to the Borg?

Edited August 20, 2019 by eyeball

GostHacked · August 20, 2019

13 hours ago, eyeball said:

The article above notes that Baltimore has been "long plagued by dysfunction" which probably contributed to its vulnerability. That should be the first heads up and clue to any other jurisdiction looking to prevent this, same as any individual who isn't exactly on the ball I suppose. I get how things could cascade and affect entire cities or worse but it also seems hackers are focusing on picking high-hanging corporate and government fruit where the payoff is apparently worth their risk. Hopefully individuals aren't as tempting.

Whatever happened to ethical hackers, shouldn't there be some super-hero like band of stalwarts keeping us safe from this sort of thing or do we have to wait until some AI threatens to hack the whole freakin' interconnected shebang and turn us all to the Borg?

The problem with cities is that they are a government type entity. Governments are always trailing behind the public sector in terms of keeping the hardware and software up to date.

https://www.cbc.ca/news/canada/manitoba/ransomware-marymound-attack-1.5034950

This one got it right. They have regular back ups of their information which is the only way to recover from ransomware. However many corps are not in this kind of position to handle that specific scenario.

You cripple a hospital with ransomware and you can cause a LOT of problems.