How can we navigate safely in cyberspace? What threats exist to the environment and what can we do to protect ourselves? Andrea Schaller (AS) spoke with Matthias Bossardt (MB), head of cyber security at KPMG, at the first Digital Festival in Zürich about the risks of a cyber attack on the environment in today’s digital world.
AS: How large is the risk of cyber crime for the environment?
MB: The largest problem exists in the internet where the cyber problems enter the real world. If industrial control systems get hacked, for example dams, the direct implications for the environment are tremendous, if the cyber attacks are successful. One must also consider: what is the attacker’s motivation? Is it with intention or as a side effect of systems that are faulty?
AS: In your workshop you gave an example of radical animal protectors – what about radical nuclear power plant opponents?
MB: Those are very scary scenarios. The risk that terrorists follow through with threats is real. Terrorist have already taken down websites of companies and spread messages. The real number of attacks is unknown. These attacks distract from the real problem, though, which is that we do not adequately protect what’s important. Digitalisation is a great opportunity, but it stands on a sandy foundation which absolutely needs strengthening, otherwise we’ll have more problems than solutions.
AS: In the automotive world, GPS can be hacked and send you to a different location than you intended, and self-driving cars can be manipulated to cause accidents on purpose.
MB: When speaking about auto-pilots and self-driving cars, we must keep a perspective on how many of these incidents actually happen. It’s always big news when there’s an accident. Looking at the statistics, there are still very few self-driving cars, and relatively few accidents. Digital support helps increase safety overall.
AS: How do I prevent someone from hacking my GPS system?
MB: Use the safety features in the products. These must be improved as well, however, and have safety features programmed into the design.
AS: In your workshop, you gave the example of users of webcams, and how easy it is to intrude into their privacy and see what they are doing at home or writing on their computer.
MB: Users must be instructed on how to use safety features, otherwise they’re openly viewable. Apps that run functions at home or at businesses and entrance controls, for example, require the user to learn to use the safety features better and more responsibly. The more integrated cameras and functions you have, the higher the risk for attacks.
AS: But the danger is not only at home, it also concerns the industry. Smart energy, smart metering, and exchange and pay systems can also be hacked.
MB: Yes, technology in critical infrastructures, energy nets, telecommunications, payments in banking systems, must all be taken very seriously.
AS: Online banking is getting more and more popular, nowadays even through apps on mobiles. Many people don’t even know that if they do online banking through WIFI, it’s not secured by the banks.
MB: I’m an engineer. Technology can be used for good and bad, but technology will not be stopped, rather improved. There will always be risks in the world. Today we have the longest life expectancy. We never had a zero risk world, and there never will be. The landscape has changed, so we need to learn how to cope. When we get on a plane, we know some of them crash, but we still get on. There will always be a risk. We take measures to reduce risks, like passing through security checks, and even though they may be more of a perception of security, we still feel safer afterwards.
In real life, you are aware of the danger of driving too fast and recklessly. So you have an airbag in your car, and safety belts. In cyber space, we don’t have this feeling. It’s too virtual. We must learn to get a feel for what’s risky and what’s safe in cyberspace. How do I move around safely in internet banking, and other sites with privacy issues? It’s a huge issue, not just at the consumer end, but also with the social media companies. They need to have client trust. With this workshop (at the Digital Festival), we want to give people a feeling for it, a first step.
AS: Internet of Things is a big subject, our production lines are computerised and if a hacker intrudes, he can not only stop a whole production line and cause financial damages, he could sometimes also provoke huge environmental damages depending on the firm that he hacks. Do we have more danger through the digital world? Shouldn’t cyber security also be a topic taught at school?
MB: It’s important to learn how to deal with the digital world, just as with real world, especially in the Internet of Things. The digital cyber world and physical real world are interconnected now, not two separate worlds. We should absolutely learn how to navigate it early, to get a feel for it and its risks and how to avoid them.
Photo credit: Phil Rogers, flickr/Creative Commons