Lentis/Cyber-Attacks on Cyber-Physical Systems

Introduction
A cyber-attack can be defined as an attack on computer systems/architecture, or information systems with malicious intent. The attack could be an individual or group acting against other individuals, business or civilian groups with the intention of acquiring unsecured data from the victim. Specifically, cyber-attacks on cyber-physical systems are becoming increasing as physical systems become more interconnected.

A cyber-physical system (CPS) is a system in which there is some connection between a physical entity and its related cyber component. The connection is typically sustained between system components by feeding data through sensors or actuators. The main distinction between a CPS and a typical computer is that a CPS has physical inputs and outputs.

The networking of various CPS through software can be thought of as the Internet of Things.

Smart Car
A smart car is equipped with visual and weather sensors that feed information to the driver and to the auto response functions of the car itself, such as automated driving, and vehicle-to-vehicle (V2V) communication. New CPS components in cars are commercial-off-the-shelf (COTS) and are integrated from third parties. Many car producers fail to realize that new security issues arise from integrating these heterogeneous components in the vehicle. Tire Pressure Monitoring Systems (TPMS), for instance, have unencrypted communication with the vehicle. Attackers could exploit this communication, and retrieve unique vehicle IDs.

Smart Home
A smart home could have weather sensors to auto regulate various temperature, lighting, and appliance components in the home. All of these features could be easily programmable from a universal device. Some devices are already commercially available, such as Nest, Google Home, and Amazon Echo. If hackers took control of a home's smart thermostat, like Nest, they could have complete information on the family's schedule, specifically when people are in and out of the home. (Video: Nest Thermostat Hacking)

Smart Grid
Smart meters could be placed on homes to communicate with the utility providers on a daily basis for close monitoring of electricity use. This could help utility providers better predict peak electricity demand, thus decreasing wasted electricity. Looking to future, if more homes are equipped with electric storage capabilities such as solar panels and/or electric vehicle batteries, it becomes easier to scale up renewable energy integration. The grid is currently highly centralized due to reliance on fossil fuel plants, and needs diversified storage opportunities for renewable energy.

Drones
Unmanned aerial vehicles (UAV) or drones are a widely used technology. The U.S. Custom and Border Protection uses MQ-9 Reaper, a type of UAV, for surveillance missions across the border. Law enforcement agencies began to operate commercial drones to replace their manned helicopter units. Fire fighters use commercial drones to gather structural information of hazardous buildings before they perform search and rescue missions. Companies like Amazon are developing autonomous package delivery systems using drones. Hobbyists fly drones for entertainment.

Commercial drones have vulnerabilities that can be exploited. Many drone manufacturing companies such as DJI and 3D Robotics use different flight control platforms like Pixhawk, however they operate under same communication protocol, MAVLink. MAVLink was developed as an open source program for hobbyists. Since security features add cost, MAVLink does not have security features to protect drones from cyber physical attacks.

MAVLink pairs the drone and the ground control station with NetID. A properly programmed attacking device can parse the radio transmission to obtain and update this paired NetID. Then, the attacking device can send commands to power off or take control of the drone. The code to parse the radio transmission is easy to look up, so anyone could conduct a cyber physical attack on commercial drones running with MAVLink.(Video: Anti drone device)

Transportation Systems
A transportation system is a facility consisting of the means and equipment necessary for the movement of passengers or goods. Transport networks have become increasingly digital, which makes them highly susceptible to cyber attacks. Electronic data can now track the location, status, and condition of vehicles and infrastructure. Electronics are used to monitor weather-related risks, such as hurricanes or landslides, that will cause damage or delays to transportation systems. Any organization will be exposed to cyber attacks if they use computer networks or internet for sales, administrative functions, automated control systems, or storage of confidential information. Specifically, the major transportation systems at risk are:

1.	Railroads/trains

2.	Airplanes and airports

3.	Connected cars (cars with internet access)

Criminal
This is the most common agenda, comprising of 60.6% of cyber attacks in January 2016. In many of these cases, the attacker targets the digital assets of a company or transportation network. This includes personal info such social security numbers of customers and employees, credit card numbers, and intellectual property of the company.


 * A Dutch-based trafficking group hid cocaine and heroin in cargoes shipping containers of timber and bananas from South America by hacking into computer networks of companies operating in the port of Antwerp. This allowed the hackers to access secure data about the location and security details of containers, meaning the traffickers could steal the smuggled cargo before the legitimate owner arrived.

Criminal cyber attacks may also be motivated by malice. In this case, the attacker could be a disgruntled employee or customer that wants to get back at the system. They could also be motivated by desire to prove their ability to perform a cyber attack. These cyber attacks could be the result of untargeted malicious code and random selection.


 * In Lodz, Poland, a 14-year-old modified a TV remote control so that it could be used to change track points. The teenager hacked into the train system for the information needed to build the device, essentially making it his own personal train set. As a result, four vehicles were derailed injuring twelve people. He had no desire to hurt anyone, but was hacking into this system as a prank.

Hacktivism
Hacktivism is defined by the hacking, or breaking into a computer system, for a politically or socially motivated purpose. It is the second most common agenda, comprising of 27.7% of cyber attacks in January 2016.
 * A group protesting the Communications Decency Act in 1996 hacked into the Department of Justice website and changed the title to the “Department of Injustice.”

Cyber Espionage
Cyber espionage is the use of computer networks to gain illicit access to confidential information, typically that held by a government or other organization. This is more sophisticated than most other cyber attacks and attackers are looking for trade secrets and intellectual property of other countries or governments. This comprised of 7.4% of cyber attacks in January 2016.


 * High end UAVs have exploitable vulnerabilities. In 2011, Iran hijacked the RQ-170 Sentinel UAV, operated by the CIA. The Iranians first jammed the radio communication channel controlling the Sentinel from the ground control center. This forces Sentinel to rely on GPS to determine its latitude, longitude, altitude, and velocity. Iran then sent false GPS coordinates, guiding Sentinel to land on their territory, while Sentinel thought it was landing on its home base.

Cyber Warfare
Cyber warfare is a politically motivated attack on an enemy's computer or information systems. These attacks aim to disrupt critical infrastructure and cause property damage and loss of life. These would be considered terrorist attacks from organizations such as ISIS. This comprised of 4.3% of cyber attacks in January 2016.

Commercial drones are easy to exploit without leaving any logs or traces to track attackers. Terrorists can use these drones as a weapon.
 * ISIS recently started to use drones as a weapon by delivering bomb or chemical weapons.
 * Cartels and drug dealers uses commercial drones to smuggle narcotics, and inmates also uses drones to smuggle contrabands such as cell phones, cigarettes, and drugs to their cells. In early 2016, Maryland inmate was able to arrange to deliver these contrabands to right in front of his cell window.

Conclusion
As seen with hacks on drones and transportation systems, CPS security breaches could result in loss of secret information, physical property, and human lives.

According to Tony Tyler, CEO of the International Air Transport Association (CTA), drones are one of the biggest threat to the passenger airlines by interfering the route of the commercial airplanes. To minimize the risk, FAA started to enforce drone regulations and prohibited flying drones near airports. Army officers have developed a cyber rifle using raspberry pi to power off commercial drones.

The National Transportation Safety Board (NTSB), established in 1967, is a government agency that investigates accidents in the aviation, highway, marine, pipeline, and railroad modes. The NTSB must implement policies to meet the requirements placed by the National Institute of Standards and Technology (NIST). The NIST develops actionable recommendations for strengthening cybersecurity in the public and private sectors to better secure the growing digital economy.

There are many initiatives to prevent CPS breaches. The Department of Energy has a Cybersecurity for Energy Delivery Systems (CEDS) program designed to improve the United States' energy infrastructure. A main goal of the program is to better assess risk on a large scale, and identify vulnerabilities in our current system. Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) is an example of a program funded by the Department of Energy. TCIPG has developed commercial software packages that can be integrated by utility providers. Examples include sensors like Amilyzer that identify system threats in real time, and middleware frameworks like GridStat that decrease data delivery latencies in the power grid.

The National Science Foundation has founded a Team for Research in Ubiquitous Secure Technology (TRUST) that is currently looking into financial, healthcare, and physical infrastructure solutions. Carnegie Mellon's CyLab is also committed to building more of these public-private partnerships in developing new technology for secure computing.

The internet of things is now a reality. The connection of various cyber-physical systems is intended to improve our way of life, but is also being exploited with criminal intent. Security issues are now more complex and larger scale than ever before. Research into cyber-physical security will help us better understand the cyber interface between physical systems, and the growth in consumer adoption of new technology.