Critical digital infrastructure: Why societies are becoming so vulnerable to cyberattacks |Techtopia
ฝัง
- เผยแพร่เมื่อ 6 ก.ค. 2022
- For weeks, a cyberattack paralyzed the German district of Anhalt-Bitterfeld in 2021, bringing its whole administration to a standstill. It was a stark illustration of how hackers can knock out entire communities in milliseconds - and how digital technology has become vital for running our societies.
Such “critical digital infrastructure” helps boost efficiency. But it also makes communities ever more vulnerable to hacking. And attacks are on the rise. In this episode of Techtopia, DW Chief Technology Correspondent Janosch Delcker investigates how a criminal industry makes billions by taking computers hostage - and how governments can use similar methods as a political weapon.
Subscribe: th-cam.com/users/deutsche...
For more news go to: www.dw.com/en/
Follow DW on social media:
►Facebook: / deutschewellenews
►Twitter: / dwnews
►Instagram: / dwnews
Für Videos in deutscher Sprache besuchen Sie: / dwdeutsch
videos like this are good motivation for me to keep studying computer networking and cybersecurity
I hope it goes well m8
Thank you for your comments..write ✍️ to me👆👆👆
@@justiceperez3087 Thank you for your comments..write ✍️ to me👆👆👆
We can safe humanity by contributing our quarter in protecting our networks and information structure. I’m also an IT student
I am a final year computer science student, I wanted to pick VR development as my specialisation. My brother landed me a trainee position at a cyber security firm, since then, I realised this is my calling. And since then I am paranoid about everything I do on and offline 😂
The gasoline-related attack mentioned at 12:10 only affected the company’s billing system. The actual gasoline system was perfectly safe and untouched the entire time. It was perfectly possible to distribute gasoline the entire time. The only thing affected was the ability to profit from it.
they cant say that because it is not fearmongering
While that's technically true, there was still a fear that the attack could spread to the operational tech. Also, it was kind of interesting that they only needed to stop the billing system in order to stop the flow of gas.
@@julianbrown3100 We should look very skeptically at the phrase “there was still a fear that…” because it puts weight behind unsubstantiated fears. If there’s some objective cause to believe that there’s the technical capability to attack the gasoline itself, that’s important. If there’s reason to think they wanted to or were willing to, that’s important. But just treating fears that aren’t connected to reality as if they deserve serious response is how you get wild overreactions and in foreign policy the consequences of that can be extremely bad.
Also the fact that the profitability of a private company can cause the loss of crucial infrastructure tells us that we have a critical infrastructure weakness in allowing private profits to carry more than they should. We can build defenses by, for example, having an emergency purchase/sale agreement in place in the event of an emergency. Something that would kick in as soon as the private company loses its ability to provide basic necessities in the ordinary course of business. That way the amount of loss is lessened.
@@twestgard2 It's been quite a while since I looked into this case, but if I remember correctly, there was no microsegmentation to separate the OT from other systems. So, yes, the fear that the attack could spread to the OT was (very much based in reality and) material during Colonial's mitigation and remediation efforts.
The threat actors in question ultimately regretted the attack, since it brought too much attention to them. But it would be foolish to think that we could trust in future threat actors' goodwill or good intentions in staying away from critical infrastructure. I'm not usually one to fear-monger but this particular case should serve as a wakeup call - and it did, as we saw from the many, many white house/CISA statements on cybersecurity in critical infrastructure, supply chains, and private enterprise to come out in its wake.
Your suggestion for an emergency purchase agreement sounds interesting. I'm not sure if the niggly practicalities would work out, but it could ensure that 'the spice flows.'
@@julianbrown3100 yeah, my point is not that cyber threats don’t exist or aren’t serious. They do exist and they are serious.
My point is that our choices about how to build and distribute the critical infrastructure were poorly conceived, in two specific ways: one is that we overly rely on privatization and the required profits of that system are what shut down the system. We can make different choices there, such as an emergency taking when and if the for-profit system fails to function. The second thing is that we concentrate infrastructure in a misguided concept of efficiency, which is the direct opposite of safety redundancy in engineering. The gasoline shortage could only happen because there was one company that was too big to fail and that’s a structural vulnerability that we are building into our own armor. We should break up monopolies as a matter of national security.
They do not need for a user to type their credential, most of the time they have done some reconnaissance and they have apayload designed to exploit know vulnerabilities that the target is likely to have. just going to a web site or opening the attachement can be enough to download that payload.
Thank you for your comments..write ✍️✍️ to me👆👆
What is very suspicious is, that neither the governments, nor the police, nor the secret services and most suspicious, that investigative journalists do never identify the cyber criminals nor have them arrested unless it is convenient for them privately and personally.
Not like the days of the closed system I trained for. You weren't connected to the internet, just a private network - a REAL private network.
Great short documentary.
We need to use the best technologies. In fact, we must use the best possible tools to mitigate risks. However, it's all gone if we do not train everyone on how to avoid the threats.
A few years ago, I heard many times, "All companies will become IT companies or will be left behind". Now, those companies also need to be security companies by design. Security tools, processes and personal training are a must-have for any company. As a company, if you do not invest time and money continuously in tools, processes and personal training, then you (the company) are significantly at risk.
"we must use the best possible tools to mitigate risks"
Yes. And you must develop those tools!
Go to work now! You must save the world!
@@21stcenturyscots Yes. I am a developer!
The future is digital infrastructure interconnectivity, and cyber security will be critical going forward.
A simple solution would be to disconnect from the internet .
DW documentaries, short and long, are always so well done. It is easy to follow the storyline--you keep your viewers engaged from beginning to end.
I really good video, but watchers should be skeptical of some of the solutions. There was an implication in the video that companies and governments should assume cyber attacks will succeed and possibly focus effort and money on hiring cybersecurity professionals to clean up messes more than prevent attacks. People should be aware that cybersecurity companies may be motivated to act like pharmaceutical companies and push cure over prevention, since cure will be more profitable. Tools and resources should consider prevention tactics like secure browsers and zero trust models at the user level as well as monolithic backend, data center solutions.
12:20 This would be very hard to do. That's like saying. "Robbing a bank is bad but if you try to rob 10 banks at once it'll be worse!". The bigger the crime the more people involved and the higher the chance of leak or capture before it starts.
At the same time costs for getting certified in IT is redicules expensive. So the costs for schooling and reschooling should come down to get more IT workers. I get companies want the best of the best but they need to settle for more average workers than a few of the best.
remove the motivating factor.
abolish money
Mmm kali is such an awesome learning tool. Jack the ripper was da bomb back in the day.
Nowadays, its easier to use a RaspberryPi with a base debian install an installing what tools you need.
Remember: if you find something, report it to the relevant operators. Never use what you find for malicious purposes.
I expected better information on the perpetrators.
Wait, does that mean IT technicians are the soldiers of tomorrow?
This is scary since this can devastate economies and can also stop major trade of the countries. Maybe further development in Quantum computing could solve this problem. But it is a two sided coin indeed.
I fear for the transatlantic cables...
Cut the hard lines!
Damn.
Problem is you just use all that tec on your own people.
I also wants be an ethical hacker
Thank you for your comments..write ✍️ to me👆👆👆👆
So they had no backup and no anti-phishing training. Utter incompetence.
The cannary in the coal mine. :D
07:22 - 07:33 "We lost all Mails from the last 20 years." ... ooooh, how I´d love to hear that..I´d break out the champaign and stop working. For every request I´d shrug my shoulders and say something like: "I´d love to help, but you know...the emails..." and I´d let my voice trail of...
I guess the Landkreis didn't get the "digital transformation" memo...
Ration should star soon
canary in the coal mine.. lesson from mistakes, over and over.
I have zero idea how to protect myself from an hacker but I have done a basic thing.
I keep two different sim cards, one in a smartphone and another one in a tablet.
The smartphone is used for contacting with others, via phone calls and social media platforms but there is no critical data stored in the smartphone.
While whatever essential files and documents I have to save are saved in the tablet and the number of the simcard in Tablet is completely private. There is no transfer of files, folders and other information from the tablet with other devices, but only by my smartphone.
Thank you for your comments..write ✍️ to me👆👆👆
Simply don't do anything, whatever you do you are in his hands. The more you try to do something the more you encourage him to torture and steal your work.
Cyberattacks shouldn't be so common. It's poor system architecture and software. One day only trusted IPs will be able to access critical networks or even commercial websites.
Well that's not entirely true some well designed software can still have bugs/ vulnerabilitys
Because Germany thought the Russians were their friends? Increase your defense budget already for goodness sake!
Хакеры взломали систему. Обнаружили что оно говняно, и решили делиться своими интересами.
Write ✍️✍️ to me 👆👆
now we desperate need men to catch hackers
PEGASUS, although all know about Pegasus its origin, its sale its purchaser and its misuse even with some high political entities being its victims no one have been doing or say cannot do anything to prevent it, to stop its sale and penalise its producers.
interesting
I won't mind being forced to mail a letter, use physical currency and rely on a landline. I don't care if cashiers need to actually manually input prices and count change. And being unable to talk on FB or watch TH-cam won't kill me. I seriously don't care if I can't buy it online. And too bad if you have to actually get dressed and go to work. Life wasn't better in 1970, it was just less complicated. And I wouldn't mind a little simpler, to be honest.
😔
Give Klaus Shwabb his great reset!
Great true story,book title-"Cowboy Mafia "-
Presenter doesn't blink much. Sort of freaky once you notice it. 😁
so that's another reason why you can't do anything.
Good episode
Proverbs 9:10 The fear of the LORD is the beginning of wisdom, and knowledge of the Holy One is understanding.
101th like, 22th comment.
🥴🥴🥴
Hype and fluff to distract from REAL issues like keeping the nuclear reactors running, and restarting the rest. I would think that staying warm in the winter and keeping factories running are more important!
Cyber security is extremely important without it all modern system will fall
Not suitable for listening As a podcast. I won't.
preparing for the wef attack
◇late late late late news! ◇yet helpful to the "clueless global masses", ◇who truly probably won't see this video; don't care; and who are too "lazy minded" to read, & educate themselves, about the "out of control" standalone attacks, or well- connected & organized; vicious criminal network threats. ☆danke◇🖖🏽
Thank you for your comments..write ✍️ to me👆👆👆👆
Cybersecurity is a bs! 🤣
A bs ?
@@davidhiggins2804 how you protect your systems from full-chain, 0-click, 0-day with persistence', kernel code execution attack?
Predictive programming coming ..coming soon
World economic forum.
Social credit biometric ids brave new world.
Yet I see so many sheeples here cheering 😳😳🤦♀️🤦♀️
Are You Born-again ?