'Cyber security is a job for the government'
April 9, 2015DW: Hackers attacked TV5 Monde last night, severely disrupting the channel's broadcasts. Is that something that can be done from the outside?
Haya Shulman: Certainly, that can be done. Almost everything nowadays works over the Internet, over the IP network. This includes phone calls, television broadcasts, radio broadcasts. If you can exploit vulnerabilities in the Internet, then you could subvert a TV broadcast.
Are companies prepared? Do they try to secure their systems?
Unfortunately, it doesn't really depend on one specific company. We saw a number of attacks recently, also on critical infrastructure. An attack on a steel plant in Germany did a lot of harm. We also saw attacks against government agencies that were communicating remotely. The problem is that the Internet is not secure. Even if one company decides to secure its networks: if it is connected to the Internet, it is still vulnerable to attacks.
What is the problem with the Internet?
We have identified many vulnerabilities in the basic protocols and systems of the Internet. These allow for instance to find a specific network. Now, if an attacker can redirect you to an incorrect address then you will go to an incorrect machine. And I would guess that part of the attack involved such a scheme concerning TV content that was stored on servers. No company can actually prevent these attacks.
That sounds alarming, since this could also happen to critical infrastructure.
This is a very real and substantial risk and concern for governments, armies and security services in Germany and world wide. These attacks actually happen. I cannot expand on this, but there is a lot of effort to counter such attacks and to harden the systems. These systems - like power plants or water supply systems - are connected to the Internet and monitored via the Internet, so they are vulnerable. The attacks don't even require infiltrating malware. Evaluations that we have performed show that you can attack a service that is located in Europe remotely from anywhere.
But if the basis of the Internet is the problem, then there is no real solution?
The Internet protocols were defined and standardized in the 1980s, when nobody talked about attacks. But then it grew from a US army project into the Internet as we know it. But it still uses these same protocols that are extremely vulnerable. And it is very difficult to replace an existing system. It is very costly. It requires replacing the infrastructure, replacing machines, it requires expertise of organizations to know how to configure it and actually run it.
How, then, is this going to happen?
This should come from the top, it is a government job. It should mandate support of new protocols and defenses. This is the only way to prevent further attacks. Companies are not motivated to do that by themselves. The US and Israel are already trying to do that, with cyber strategies that are defined on the government level and then become mandatory for Internet operators and other organizations. Only this will allow to secure the networks.
Dr. Haya Shulman is an expert in Network and System Security. She leads a Research Group in the European Center for Security and Privacy by Design at the Technical University of Darmstadt in Germany.