Berners-Lee raises spectre of weaponized open data by Bill Camarda.
From the post:
Practically everybody loves open data, ie “data that anyone can access, use or share”. And nobody loves it more than Tim Berners-Lee, creator of the World Wide Web, and co-founder of the Open Data Institute (ODI).
Berners-Lee and his ODI colleagues have spent years passionately evangelizing governments and companies to publicly release their non-personal data for use to improve communities.
So when he recently told the Guardian that hackers could use open data to create societal chaos, it might have been this year’s most surprising “man bites dog” news story.
What’s going on here? The growing fear of data sabotage, that’s what.
…
Bill focuses on the manipulation and/or planting of false data, which could result in massive traffic jams, changes in market prices, etc.
In fact, Berners-Lee says in the original Guardian story:
…
“If you falsify government data then there are all kinds of ways that you could get financial gain, so yes,” he said, “it’s important that even though people think about open data as not a big security problem, it is from the point of view of being accurate.”He added: “I suppose it’s not as exciting as personal data for hackers to get into because it’s public.”
…
Disruptive to some, profitable to others, but what should be called weakly weaponized open data.
Here is one instance of strongly weaponized open data.
Scenario: We Don’t Need No Water, Let The Motherfucker Burn
The United States is currently experiencing a continuing drought. From the U.S. Drought Monitor:
Keying on the solid red color around Atlanta, GA, Fire Weather, a service of the National Weather Service, estimates the potential impact of fires near Atlanta:
Impacted by a general conflagration around Atlanta:
Population: 2,783,418
Airports: 38
Miles of Interstate: 556
Miles of Rail: 2399
Parks: 4
Area: 27,707 Sq. Miles
Pipelines are missing from the list of impacts. For that, consult the National Pipeline Mapping System where even a public login reveals:
The red lines are hazardous liquid pipelines, blue lines are gas transmission pipelines, the yellow lines outline Fulton County.
We have located a likely place for a forest fire, have some details on its probable impact and a rough idea of gas and other pipelines in the prospective burn area.
Oh, we need a source of ignition. Road flares anyone?
From the WSDOT, Winter Driving Supply Checklist. Emergency kits with flares are available at box stores and online.
Bottom line:
Intentional forest fires can be planned from public data sources. Governments gratuitously suggest non-suspicious methods of transporting forest fire starting materials.
Details I have elided over, such as evacuation routes, fire watch stations, drones as fire starters, fire histories, public events, plus greater detail from the resources cited, are all available from public sources.
What are your Weaponized Open Data risks?