Book Review: Cyber-Physical Attacks
Butterworth-Heinemann; Elsevier.com; 270 pages; $49.95.
Cyberattack is a term we’ve become all too familiar with. Cyber-physical attacks describe attacks on physical space using cyberspace.
We are increasingly dependent on the highly automated and networked technology already embedded in automobiles, smart buildings, and industrial control systems, as well as the Internet of Things. They aim to improve our lives and to operate our businesses and factories more efficiently; however, with technology comes vulnerability. Author George Loukas opens our eyes to how our devices can be used against us by hackers, criminals, terrorists, and even disgruntled employees.
Cyber-Physical Attacks: A Growing Invisible Threat serves as an introduction to cyberattacks that can have a physical impact, and how to defend against them. A security professional with very little computer knowledge, and who may be intimidated by anything beyond email, will find this book easy to read and understand.
The book is very well written and provides many illustrations, tables, and figures to clarify important concepts. It explains how computers can be used against us to disrupt medical devices, turn off building lights, disable safety equipment on automobiles, and allow a factory’s equipment to operate in a destructive manner.
Each chapter includes an outline, a chapter summary, key terms, and follow-up questions and exercises to reinforce the material. The author includes examples of real-world attacks and expands outside the text to provide further detail on relevant information. For example, Loukas discusses Stuxnet, which is considered to be the first cyber weapon, and how it was used to attack an Iranian nuclear facility in 2010. Since that time, reports of cyber-physical attacks have continued to increase.
Cyberspace is becoming the arena of choice for crimes, warfare, and acts of terrorism. The growing pervasiveness of technology in our lives and our workplaces exposes us to cyber-physical attacks. Reading this book will help us recognize an attack, identify the type of attack, and learn how to stop it. It is recommended for all security professionals who wish to be prepared for the next cyber-physical attack sure to come.
Reviewer: Derk J. Boss, CPP, CFE (Certified Fraud Examiner), CSP (Certified Surveillance Professional), is principal consultant for DJ Boss Associates. A casino security and surveillance expert, he serves on the ASIS Gaming and Wagering Protection Council and is former chair of that council. He is a published author and recognized speaker.