Hacking traffic lights given as example of possible G20 cyberattacks

G20 is an “irresistible target for hackers,” according to Greg Rudd, spokesman for the Council of Registered Ethical Security Testers, or CREST Australia. Hackers “would love to just get into the traffic light system for example and just disrupt that and what they’re after really is free international media,” Rudd told ABC.

Historically, attackers do target the G20 Summit, but none have ever taken over traffic light systems. Even though it’s supposedly “easy” to hack traffic lights with a laptop, it’s a safe bet that if attackers ever take control of traffic light systems anywhere in the world, at any time, it will gain international media attention.

Rudd gave three broad categories of groups that can launch massive “cyberattacks on G20: state-sanctioned hackers, commercial spies and activist organizations such as Anonymous.” But with China and Russia as the most obvious suspects, Rudd said, “A lot of hackers all over the world have gone out of their way and developed it into a bit of an art form to lay the blame at China and Russia’s feet for all sorts of hacks.”

Past cyberattacks on G20 Summits have included a flood of emails with malware attachments while G20 was held in Paris during 2011; a botnet-controlled DDoS attack on South Korea in 2009; and a 2007 cyberattack on Estonia that was dubbed “the second-largest instance of state-sponsored cyberwarfare.” Australian businesses have been warned by the Australian government spy agency responsible for signals intelligence (SIGINT) and information security (INFOSEC) “to brace for a wave of cyberattacks” around the G20 summit.

With a motto of “reveal their secrets – protect our own,” the Australian Signals Directorate (ASD) is like an Australian version of the NSA and is part of Five Eyes. Since the G20 Summit will be held in Brisbane on November 15 to 16, ASD said networks there have “become a more attractive target for cyber espionage and attack.” Targeted attacks by “state-sponsored or other foreign adversaries, cyber criminals and issue-motivated groups is a real and persistent threat.”

Because the same old cyber tricks are still effective, the ASD issued recycled G20 cyber security advice from 2013. Social engineered emails are part of the warning as malicious cyber actors are looking for a “weak link to try and break into a network.” Just ask Home Depot or Target how well tricking a third-party vendor for a foothold and stolen credentials still works.

“If it’s not yours, don’t use it!” That wisdom pertains to USB flash drives or other removable media as they are common “gifts” handed out at G20. Malicious software might also be a hidden extra in “gifted electronic devices” or when charging mobile devices via untrusted computers. Other cyber advice to individuals involved in G20 included avoiding public Wi-Fi connections, hotel kiosks, Internet cafes, and accessing web-based email as well as steering clear of blabbing too much in social media.

Anonymous denies plans to wear burqas at G20

The list of G20 prohibited items (pdf) is long and diverse; it includes a ban on clowns – or otherwise disguising or concealing a person with camouflage paint or cream. That also applies to the Guy Fawkes masks often donned by members of Anonymous. After an article claimed Anonymous protesters would wear burqas to hide their faces, Anonymous Queensland issued a statement calling the article “fake.” Yet the possibility caused the Queensland Police Service to issue a warning that it “will challenge anyone who they believe poses a threat to the safety and security of the G20 leaders’ summit, and through a variety of means establish their identity.”

G20 Operations Center surveillance

For real-world security, the G20 Operations Center was described as a “state-of-the-art police command center” with “unprecedented” surveillance capabilities that spark “envy” among other Australian police departments. 150 police will man the center 24 hours a day.

“Hundreds of security cameras, including those at Brisbane Airport and across the CBD, will feed into the command center,” which has “dozens of TV screens” lining the walls. “It really is a state-of-the-art facility, there’s quite a few screens that obviously give us access to CCTV footage [and] to aerial photography from [the police] Polair [helicopter],” said G20 Police Commander Katarina Carroll.

On Friday, a 57-year-old man was the first to be arrested under the G20 Safety and Security Act; not because of his actions, but because he was taking photos and “refused to identify himself when questions by police on the steps of the Brisbane Convention and Exhibition Center.” Police cited the same G20 Act to question a woman after asking her to provide identification. The Queensland Police Service also allegedly warned protesters that it has sonic cannons for crowd control if G20 demonstrations get too rowdy.