In a recent interview with CNN, the Director of the Secret Service
noted that his organization is increasingly focusing on the cyber
security of the physical facilities visited by the President of the
United States as part of its duty to protect him. This raises the
fascinating question of just how much cybersecurity will become part
of the physical security conversation in 2017.
[...]
Imagine a major head of state on an official visit to a foreign
country or even a visit by the President of the United States to
another part of the US. Security forces go to great lengths to
construct a physical security cordon and maintain exclusive control
over who is able to enter that controlled space. Yet, the growing
Internet of Things means that more and more the various objects in
that controlled space, from the light bulbs overhead to the elevators
to the fire alarms to the traffic cameras are all remotely accessible.
Imagine a foreign intelligence service that wanted to disrupt and
embarrass a foreign head of state visiting another country. Today they
might hack into the local police offices in the city being visited and
monitor email accounts and document archives to locate official
security plans and schedules for the visit to plant paid protesters
holding large signs along the motorcade route. But, take this a step
further and consider for a moment the new factor of the vast Internet
of Things that envelopes that visit.
Those hackers could monitor all of the traffic cameras in the area to
watch the head of state’s movements in realtime and monitor his or her
schedule second by second. As he enters a building, the local CCTV
cameras throughout that building could be used to surveil his
movements and compile an intelligence list of everyone he meets with.
Yet, here’s where things get far more worrying.
When he steps on the elevator to change floors, those hackers could
disable the elevator system and trap him, disrupting his visit and
generating media images of him being helplessly dragged up a ladder to
safety.
Or they could trigger the fire alarms or overheat a piece of equipment
to cause a real fire and activate the sprinkler system, leading to
images of a soaked and miserable leader cutting his visit short.
Given that most modern office buildings have switched to electronic
access controls, those hackers could simply deactivate all locks
across the building, instantly rendering the entire facility
unsecured, doors flapping in the breeze and causing mass panic among
his guards.
Or, they could move to paralyze the entire city, cutting power to
every major building, while activating fire alarms across the city and
manipulating traffic signals to cause massive traffic accidents and
trap first responders helplessly across the city and preventing him
from reaching his next appointments.
Razer