Dear Friends and Students
Yesterday hackers gained unauthorized access to Water Treatment Plant in Florida! Hacker was trying to increase the Sodium Hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million). Hacker accessed the mouse, went to settings, and increased the amount. Hacker was active for 3-5 minutes it seems!!
Sodium hydroxide generally used for cleaning soaps and drain cleaners. It might cause irritation, burns, and other issues if it is consumed in large quantities. Recently, a similar intruding incident took place in the Israel water utility system. Israel could detect this early and averted a great danger.
The question is not about these isolated incidents. It is all about how do we manage in the view of the vision for Industry 4.0, where we are working towards digital supply networks & smart factories (industrial control systems-power grids, manufacturing facilities). If there is a compromise at one point in the assembly line, there is a cascading effect in the chain of reactions.
We are working towards a human microchip implant, DNA banks, etc. If someone intrudes into the Smart factory, it is fine. There is only economic loss. But, If someone attempts to intrude into the human body, we cannot even imagine the damage!! How do we manage such vulnerabilities?
In recent times, we witnessed few deadly cyber-attacks like the WannaCry attack (encrypted all devices, including medical equipment, and some factories were forced to stop production across 200,000 computers in 150 countries), ExPetr/ NotPetya (ransomware encryptor, damage estimated at $10 billion), A smoking cyber gun, DarkHotel: Spies in suite rooms, etc. We have seen the impact.
Bio-Cyberattacks are more dangerous than Cyber-attacks. A cyberattack may take us back to 20-30 years. However, a bio-attack takes us back to 1 or 2 generations!! Cyber is an element of the future of warfare, but the bio will be an element of the future of genocide.
Dear CSE Students
Recently someone asked me what are the prospects for CSE (Cybersecurity). Now this story clarifies that question. The potential for this course. Investments in Cybersecurity are growing rapidly. There is wide scope for ethical hacking. Ethical hackers should devise ways and means to keep their hands above the intruders & con-hackers. They need to assess the security of computer systems by looking for weaknesses and vulnerabilities in target systems and help companies to build better-secured systems. Hope you now understand the scope!
Generally, a typical Technology Development Stack for Web is as follows (rubygarage.org)
Client-Side Programming (users see on the screens)
- HTML & CSS
- JavaScript (JS). JS makes web pages interactive (JavaScript libraries (e.g. jQuery, React.js, and Zepto.js) and frameworks (e.g Angular, Vue, Backbone, and Ember) for faster and easier web development.)
Server-Side Programming (It is not visible to users, but it powers the client-side)
- Python (Django, Flask, Pylons)
- Ruby (Ruby on Rails)
- PHP (Laravel)
- Java (Spring)
- Scala (Play)
- Node.js (a JavaScript runtime)
Database (to store user data or retrieve the data to display to the user)
- MySQL (relational)
- PostgreSQL (relational)
- MongoDB (non-relational, document)
Server (a web application needs a server to handle requests from clients’ computers)
- Apache
- Nginx
Hosting (a secured cloud services platform that offers compute power, database storage, content delivery, and various other functionalities)
- AWS
- Microsoft Azure
- Google Cloud, IBM Cloud, Oracle Cloud, etc.
Security has to be planned at every layer !!!
Your Well-wisher
Ravi Saripalle
Join Inspire to Innovate Storytelling Movement (i2itm.blogspot.com)
Source Inspiration: https://economictimes.indiatimes.com/news/international/world-news/in-florida-city-hackers-try-to-poison-the-drinking-water/articleshow/80769746.cms
No comments:
Post a Comment