"The 5 Coolest Hacks Of 20122


 Nothing was sacred -- the nation's airspace, home power meters, videoconferences, and, in an ironic twist, popular cybercrime tools

Quelle: Dark Reading vom 27.12.12

It's common knowledge nowadays that pretty much any device with a network interface -- or a USB port -- is hackable. As soon as a new technology or gadget arrives, some inquisitive security researcher starts to hammer away at it in a race to find flaws in it before the bad guys do. This year was no exception.

Warum sollten davon Smart-Themen ausgenommen sein?

2. Airplane Hack
The FAA's new air traffic control system has holes so big that a fake plane could fly through them.

A researcher at Black Hat USA in July gave a chilling presentation revealing several weaknesses in the key component of the FAA's next-generation Automatic Dependent Surveillance-Broadcast (ADS-B) system, the replacement for the agency's decades-old ground radar system for air traffic control. The flaws could allow someone to inject their own messages into the system, posing as an aircraft, and these messages are unencrypted and therefore wide open to snooping.

Andrei Costin, a computer scientist and graduate student at Eurecom, says the system has no authentication feature for messages. "Any attacker can pretend to be an aircraft" by injecting a message into the system, he says. ...

Sehr beruhigend.

3. Infiltrating The Smart Meter

All eyes have been on the smart grid, with its state-of-the-art technology and potentially more secure infrastructure than legacy critical infrastructure systems. But like any new technology, it has its flaws security-wise, and in one case, in the infrared "eye" in the smart meter itself. (...)

Weber and his team found some major vulnerabilities in the devices; the tool is aimed at helping a utility spot those holes, such as being prone to a brute-force password attack on the infrared smart meter. An attacker then could grab configuration data and shut off the device or perform other sabotage. "Once you can talk to the meters, you can program them to do anything you want," Weber says.

Das ist wohl erst der Anfang ...

















3. Infiltrating The Smart Meter