Verizon’s 2010 Data Breach Report is Out

Verizon’s RISK Team publishes an annual report summarizing data breach incidents, and categorizing them on various criteria (e.g., who did it?  how was it done?).  It usually makes for some interesting, although sometimes depressing, reading.   This year’s report [PDF] has now been released, and features a considerably larger data sample than in the past, thanks to the inclusion of data contributed by the US Secret Service.

I haven’t yet had a chance to read the 2010 report, but one statistic from it, quoted in a diary entry from the SANS Internet Storm Center, caught my eye: “86% of victims had evidence of the breach in their log files”.   In other words, the sizable majority of breaches could be detected without anything fancier than the log files already being generated by the server(s).

I’ll post another note with some comments after I’ve read the report.

The Big Switch

I’ve written here a couple of times previously about the potential security problems associated with the introduction of “smart” electricity meters that can be controlled remotely.   According to a blog post by Ross Anderson at the Security Research group at the Computer Laboratory, University of Cambridge, there is a plan afoot in the UK to replace some 47 million existing electricity meters with “smart meters”.  The motivation appears to be primarily economic:

The energy companies are demanding this facility so that customers who don’t pay their bills can be switched to prepayment tariffs without the hassle of getting court orders against them. If the Government buys this argument – and I’m not convinced it should – then the off switch had better be closely guarded.

Ross and his colleagues have a new paper [PDF] on the potential impact of this strategic vulnerability.  From the abstract:

The off switch creates information security problems of a kind, and on a scale, that the energy companies have not had to face before. From the viewpoint of a cyber attacker — whether a hostile government agency, a terrorist organisation or even a militant environmental group — the ideal attack on a target country is to interrupt its citizens’ electricity supply. This is the cyber equivalent of a nuclear strike; when electricity stops, then pretty soon everything else does too.

Apart from the details of potential vulnerabilities, this makes a very important point: installation of these meters, and their supporting infrastructure, creates a very large-scale vulnerability where none existed before.

Trying to  think of an analogy is difficult — but suppose the FAA were suddenly to decide that all air-traffic control information would be housed “in the cloud” and distributed via the public Internet.  Communications with aircraft would be via VoIP telephone service.   Such a system might well save money, but would have the potential to be incredibly dangerous.

Generally, when we design systems to be robust and reliable, we try to eliminate “single points of failure”, parts of the system on which everything else depends.  Deliberately building them in seems a bit imprudent, to say the least.