
tv   Doc Film - Hacking Germany  Deutsche Welle  November 8, 2017 8:15pm-9:01pm CET

8:15 pm
now finally going to see significant change and cracking down on tax havens under your leadership in this case it's not up to me to decide that you know the commission as a prominent role because we have the monopoly of the initiative and we have taken so many initiatives i mentioned three of them and believe me if they become decisions that would be different but but the ball is in the camp of the member states it's up to them to decide they have to decide they have to deliver. and to deliver blumenthal the end of this year two thousand and seventeen is the year pierre moscovici thank you very much for taking the time to talk to us today. and that's all from us for now thank you very much for watching. the whole g.w. one hour. for in focus global insights the news out of your local heroes.
8:16 pm
a double made for mines. in union. four o'clock in the morning in a small town two young men approach their target they're part of our team of investigators they're going to enter a building without leaving a trace. the break-in begins from above the person controlling the drone could be as far away as china or russia the drone is searching for unprotected networks and reporting them back to the hackers. the drone has reached the network and you can see the first packages come in i see the
8:17 pm
first devices showing up the first communication we can read it it's as easy as it sounds. as an attack as we then just. get. digitization has now reached many areas of life in germany giving criminals new opportunities we hear about hacking attacks almost every day not least on our industrial infrastructure sometimes the victim is telecom sometimes it's an industrial giant such as to some crook in one country cyber. i mean knows even achieve the blackout what if something like that happens. the scenario has already been played out in. how much danger is germany in. we asked several hackers to find out for us.
8:18 pm
to highlight the dangers that come with increasing digitization we start our research in the every day digital world where we're promised security and convenience. the digital home controlling entire buildings with mobile devices is becoming increasingly popular like here in austria for example. this charming little hotel is such a building and we're going to take a closer look at it the owner has agreed he doesn't know when the attack will occur. owner could soon enough has embraced new technologies there were regular problems in his stressful everyday life such as with the cold store on one occasion the door wasn't closed properly another time there was a power cut that's particularly bad when the hotel is closed the goods spoil quickly and the financial damage to the family is significant we have we always had the
8:19 pm
problem that on public holidays we weren't able to monitor our cold storage because we thought about what to do about it. and some things that we bought a sensor for the cold store that sends temperature data straight to our mobile. phones in the dance and then print to it that we get an e-mail and can react to it immediately so for. example to the temperature app was just the beginning of you've added other smart functions can you tell us about those. you know as good. as an alarm located by the front door of the hotel. in the process of investing much more in this direction so we can be even safer. be it an alarm or temperature sensor. controls all of the functions via his phone
8:20 pm
the app sends the data via the internet he was advised by his son and he'll play an important role later on in this film but first the father will show us his digital world. in his home for example he has a lock with an access code that he can also control via his phone. this internet of things promises to be intelligent convenient and secure. a smart home bundles a number of functions so that they can be centrally controlled the intelligent control for this house takes care of the lighting it opens and closes windows and it monitors doors in connection with an alarm system it controls the solar panels on the roof and is supposed to help with managing energy consumption apps from the
8:21 pm
internet of things can also be centrally controlled. items include household devices such as washing machines and surveillance cameras even light bulbs can be connected to the internet now all these items can be controlled remotely over the internet with a smart phone. but how easy is it for hackers to access this data and thereby learn for example that the home of the hotel guest is currently unoccupied. sébastien cold air is an expert he's looking for security loopholes to warn users not to harm them. he'll hack the hotel for us to be asked to let the son of the owner will help him he advised his father but he's learned a few more things since then the two hackers have developed programs that can
8:22 pm
manipulate smart home controls from the outside. as is all of us until it is these smart homes promise security these components such as the burglar alarms are sold on the basis of delivering security in difficulty and in most cases technically knowledgeable attackers will be able to access these systems or influence various functions in these smart homes. as a functional and smart homes too bad for us. hotelier could still not bought into these promises for a long time to he was excited about intelligent light bulbs that he could control from his smartphone as a protection against burglars for example but what he didn't see coming is that he brought about exactly the opposite. for us as attackers the light bulbs are interesting we want to open doors without being verified since both are online and
8:23 pm
those are using the same encrypted material it's easier to attack the lightbulbs rather than the lock which is better protected. it's friday eighteen minutes to eight the peak period we're starting our attack unnoticed. equipped with a transmitter and an internet connection the drone penetrates the hotel network then it sends the data to the two hackers. we're in alarm system is deactivated the doors open and we can get in. the hotelier feels safe because the app tells him everything's fine. the two hackers aren't damaging the door they're using the key but even
8:24 pm
a crowbar would have gone undetected because they deactivated the burglar alarm first. their entry remains unnoticed by the app too the surveillance cameras were manipulated from the outside for the past thirty minutes they've been showing a photo that was taken before not the two intruders. they've even remotely cracked the combination lock that the private have. yeah. you. could still doesn't know that we've already completed our trial battery his security didn't train with the. doors open we can go in.
8:25 pm
your son just broke into your hotel what do you say to that. i'll be honest i'm very surprised that it was that easy. to get you out i always thought we had a safe house but that it's this easy in this day and age via a certain smartphone apps still really surprises me in house. we too are amazed at how effortlessly the hackers succeeded in their attack. unfortunately from professional experience it's no surprise that as a private individual you should be angry. you're promised features and security and users innocently buy these products but are completely left in the dark about their own security so the security is fake lived. hotel.
8:26 pm
has asked his son to take the insecure devices offline. experts have a theory that ukraine is a kind of test lab for hackers trying out the latest cyber weapons. in the event the twenty fifth day in this malware called black energy triggered a widespread power outage in ukraine a year later there were more severe cyber attacks on the country even though the people of kiev don't see much of the civil war attacks on the electricity grid quickly became a matter of life and death in this struggling country the ministry for state security has invited the international press to report on the latest cyber attacks in the country they targeted the financial system the metro and once again the country's power supply the old malware black energy is still fresh in people's minds but it already has
8:27 pm
a successor. janko witnessed an attack on the electricity grid. he takes us to the scene of the crime about an hour's drive from kiev. well secured from the outside the electrical substation outside the city because of the war with russia the country's energy supply is in a desperate state the electricity demand can barely be met. then the engineer shows me the room where he was forced to look on helplessly as the instruments developed a life of their own and couldn't be controlled from within anymore it was the last i had the night shift on a completely normal day at the substation everything was fine and then towards midnight the switches started changing color which up so when we got to make sure that it was going to work when i looked at the voltage divider transformers i
8:28 pm
understood that the substation one hundred ten to three hundred thirty kilovolts didn't have any voltage anymore but it wasn't as far as the apollo. we were all shocked nobody could believe it that. the cyber attack caused a red alert in the biggest control center in europe which monitors electricity lines from russia to the e.u. . several articles the director of the state energy supplier sees political motives behind the attacks and these attacks could have disastrous consequences for the whole of europe in the future the korean that he can muster with all the european countries that have modern administration systems with highly connected centrally controlled i.t. systems even more vulnerable than ukraine's isolated i.t.
8:29 pm
systems on a bus why i believe that the things happen. here will have consequences for developed countries like germany and austria too i think because we're not so linked up the consequences for the ukrainian electricity grid were less than what could have happened in those other countries i mentioned where even the flick of steam agree the make you know about the way she is movable to the ukraine got off lightly but such an attack could have more serious consequences in germany how safe is our energy supply given the increasingly connected nature of our systems the federal office for information security refers us to existing laws governing the protection of our critical infrastructure. the i.t. security law came into force in germany in summer two thousand and fifteen there are minimum standards requirements for operators of critical energy plants to
8:30 pm
report attacks that has given us a different level of protection therefore i think an attack like the one on ukraine isn't likely in germany really we want to know more. we're visiting an expert who's interested in exactly this topic could hackers use loopholes to trigger a europe wide power outage. this is matty has done hina he wants to know how high the risk of a blackout is we've already had a taste caused by a cruise liner from the my ashes. that was the fourth of november two thousand and six. when a luxury liner was delivered on the ems a power cut with far reaching consequences a cut a single high voltage power line was switched off there were communication problems
8:31 pm
between the grid operators this resulted in a europe wide chain reaction. about. the people didn't know what was going on they couldn't reach the electricity supply e.d.f. so they called us but we didn't know what was going on either or when power would be restored. the power cut lasted two hours. why is the world's biggest electricity grid so vulnerable. because it vibrates as the experts put it. doesn't just because this is the european electricity grid it reaches from turkey to portugal and denmark to italy it's not a national grid it's a big european wide grid that's as old as if that's what's the frequency at which it vibrates as in the in europe it's fifty hertz plus minus a smallish deviations but generally speaking it's fifty hertz the frequency reacts
8:32 pm
very sensitively to outages imagine it like a pair of old scales that is the demand for electricity in the sum of all electrical consumers and then there's the supply normally the system's in balance if a power station fails one side becomes lighter while the other becomes heavier my frequency drops off and seeing the other power stations notice that and say ok let's power up a bit to restore the balance and then i get my grid frequency of fifty hertz back for the jets. to cause a blackout hackers would have to find a way to switch off as many consumers or producers simultaneously with one click. but what do i need in order to bring about a blackout was a process i'm i have a lot of wind energy and solar energy in the grid that has to be transported i have
8:33 pm
a situation where a lot of electricity has to be moved to another country such as england these are all factors. that already ramp it up a bit for the grid but they're not normal issues but if i can provoke another big jump in performance at exactly that time the chances of triggering a blackout are high. a blackout in europe lasting several days potentially would bring everything to a standstill concern about the vulnerability of critical infrastructure brings hackers scientists and operators together we're meeting an old acquaintance who has already had experience with hackers as the manager of a municipal power plant. that is the manager of the new less oppose etling and he's
8:34 pm
also responsible for the power supply i understand the subject of decentralization is highly topical infinity supply surplus funds in twenty years ago we had around twenty energy producers here. today we have almost nine hundred of them a joy to have this custom a generation is hooked up to our control center that creates new risks around i.t. securities there's a loophole that could be abused and would steal because. we set out to find potential loopholes and quickly find one at a primary school in the town center. yet while i teach classes at taking place up stands the future of the energy transition is starting in the school's cellar. the new heat and power station that's to supply the town center with electricity and heating has just been completed protected
8:35 pm
by thick walls and under the supervision of the municipal utilities these plants. are supposed to guarantee the power supply. saying come on i'm aaron stefan size bag have found something after just ten minutes despite thick walls there's a wireless network in the summer. i see no need for there to be a wireless network down here because maintenance technicians can use a cable. a simple cable instead of a wireless network would provide security but trim and maintenance is more convenient and cheaper the move toward sustainable energy sources is also creating power stations that can be controlled wirelessly via an app and internet connection and the wireless router. this router is very easily accessible we're just looking into what other devices we can access via this router and
8:36 pm
whether we can access them via the control system of the power plant. and indeed other unknown individuals have already been inside this network yet when we found out that people have connected to this network with their phones in theory they also have access to get. a standard router with an unsecured wi-fi network to control a small power plant we simulate an attack on the router and switch it off. the municipal utilities control room can't do anything but watch it's yellow now and that means the connection has been interrupted if it remains interrupted for more than five minutes it turns red and then there's nothing you can do any of the problem is that we can't have a connection to the heat and power station anymore can for you we can no longer control it from here we can't influence the temperatures or output and we can't do
8:37 pm
anything remotely if a problem occurs if. there is a problem we don't find out about any more than. a communist medal from it. as a gateway for attackers with any luck such events will be limited to student pranks. i'm going to title if you had the time and you're connected to the wi-fi network you could sit out here disguised as a student and try to get access for as long as you like. the big danger is that someone who really wants to break something will attempt it. and the individual logged in here with a phone can do that too. in that league in town center the security of the supply depends on one small router municipal utilities boss has to react and repair.
8:38 pm
colleague and my colleagues who took a look at it are going to develop a security concept to make these heat and power stations secure from attacks. from the i was inside city of ottawa and i if so by the end is that if we had sixty power stations and you switch them all off at once then we'd have a very serious problem with digging and uses its you feel like it's a god psych like. at its most extreme it could lead to a blackout extreme five isn't to downplay cowed by him. but are we just talking about an individual case about carelessness you know this programmer has stumbled across a loophole in the system that shows how dangerous even the most minor folds in a single router could become for the whole of germany. after moving house alexander graf wanted to make
8:39 pm
a phone call with his old phone via his new provider's cable modem since that didn't work he took a closer look at the modem and made a frightening discovery. while searching for the problem with his phone he came across a network connection to the provider's entire cable network. the password he needed to access it came with a no damn one was even unencrypted in his router's memory. millions can be made on the black market with such an unrecognized security loophole known as zero day foods does conspire millions of citizens as they do their phone banking or make expensive foreign phone calls via the numbers a billion devices could be affected from routers to aircraft. that is used wherever we have safety critical systems and certainly also in respect of
8:40 pm
infrastructure such as nuclear power plants the question is always how they linked up the systems that are open to attack a security loophole becomes particularly problematic when you connect systems that weren't designed to be connected when you have systems that don't have any security concepts for access rights for example but you put them online and then they're open to attack that's a real security risk. linking up devices creates additional risks the vulnerability of individual devices is worrying enough but it's only when they're linked up that blanket attacks can occur but when the risk is so high why are devices even linked up in this way why don't we operate every wind turbine and solar panel separately. we get the answer to this question at the university of professor get higher she has resigned as shown that
8:41 pm
the transition to renewable energy can only succeed if producers are intelligently connected. experts call these networks smart grids smart grids need different meters smart meters that will be getting in time that's the only way to balance out the green energy produced resulting in a stable electricity grid. if we want to use wind and solar energy we have the problem that wind doesn't blow all the time and there's no sun at night when these if we have to track the ups and downs of production to deal with them and that's what we get from the smart grid and that's what this market us whether electricity comes from solar or wind power production and consumption have to be matched up every second there's
8:42 pm
a fluctuation in how much electricity is produced so we need smart grids and the test lab. test facilities here and yes in addition to this roof we have a test area and i'm saying ns and another one in here just that and it in and sing and it's twenty five percent of the energy requirements and in his estate and no less than one hundred percent is produced locally from solar power the future of the energy transition seems to have arrived the synchronous grid of continental europe as it's called will only remain stable in its fifty hertz frequency if we manage to keep the decentralized production of millions of citizens in balance with all household consumption the kobo family are in the middle of the energy transition they live in one of the test areas in oem they've made their own homes smart much to their children's delight.
8:43 pm
they like playing with all the gadgets. patrick coba appreciates the convenience but he's professionally secured his network. the command center is located in the basement of their home we tried to hack it but to no avail the passionate tinkerer has used a simple trick. after having a chat with our insulation companies we decided to have the heating controls offline they're installed on a computer that has no connection so it can't be attacked. his project home is simply not connected yet and that's why it's safe but that's to change soon if the government gets its way soon every house will be connected with
8:44 pm
a device that will replace traditional meters a smart meter. smart meters aren't there just to measure the consumption and production of electricity in future they should actively control the performance of solar panels wind turbines and consumption in the home the vision is as follows if there is too much electricity the smart meters will switch on washing machines crank up fridges and charge up electric cars if there is too little electricity then smart meters should be able to draw on reserves such as from the batteries in electric cars. smart meters are already in use in spain italy and finland germany is lagging a few years behind although the rollout of smart meters in germany started officially on the first of january twenty seventeen there are no devices yet that meet high german security standards. nevertheless the industry is
8:45 pm
celebrating the market of the future. having smart meters is an opportunity for germany i want to get right to the heart of it the law to digitize the energy transition has removed the final hurdle after five years of political discussion we have cleared the way for the introduction of smart meters. i citizens are coming of age in the field. energy too they can now make independent decisions will be entirely new business models we don't know many of them yet but i always have an image in the back of my mind from the liberalization of telecommunications when we give young children an old fashioned telephone with a dial today what do they do they try to push the numbers or swipe them that's the kind of change i'm hoping for with these new smart meters what does anything
8:46 pm
for an already made us off against what made me feel. a new world but is it safe. the massive use of smart meters caused hacker have a vast quest to come up with a plan. he and a colleague were able to hack into millions of smart meters in spain with just a single device. fortunately he's one of the good guys. it was a test that's why spain suffered no blackout. we were able to get into the network through smart meters and control them. which obviously is funny because then you're smart meters. were getting installed remote disconnection feature that basically means that if you don't pay your bill the electrical company will just shut down your electricity remotely with
8:47 pm
a people about on on a remote computer maybe about one thousand kilometers away from your house. and we were able to control that. even found a way that would that out to craft custom updates which could be considered somewhat i was because if you craft a custom update we'll shut down at some time or we'll listen to about or comment or whatever it will turn every smart meter into our flashing tool so basically one a smart meter will update others then when those others get updated with a code they will update other so it will spread pretty much like a virus to us even though it's not running our we always but the way of working is the same so you could cause a big blackout just. by having access to one smart meter and i mean i says i don't mean open in it i mean just on the to go port and no one would ever know how it is
8:48 pm
started. how it happened. have a immediately reported the security loophole to the manufacturers after which he started working for a company in oh. with the serious security problems that the spanish not need has in mind having a vast quiz the dance team took on a german model they spent several weeks looking into a first generation device from a german manufacturer one however which hadn't been built for the demands of the transition to renewable energy his. first impression of the board was that it was just really basic. it's very clear that the product itself wasn't developed with security in mind. it's very easy for any attacker who has physical access to the device. manufacturer can't understand every component using complete detail they just look at the bits that are relevant to
8:49 pm
them and that's what they build their entire product around but if the components do other things they don't need then that can be a weakness on this one. while we're doing our research the manufacturer gets in touch with us. the company tells us they're aware of the weaknesses and are working on a new generation of devices and that they have invested several million euros into making these devices safe. the connector connector one was advanced for a first device of this type but attacking it is no longer a problem i think a good hacker could do that with a decent mobile phone a little more beautiful and hardly a lady can you get it again this generation of devices compares to the new one like
8:50 pm
the old nokia phone compares to modern smartphones. nokia telephone i mean. if they so devices were connected they could be attacked that's why the federal office for information security has given manufacturers specific instructions about how to protect themselves against hacking attacks. where we have a connex a three point zero we've taken all the specifications issued by the office for information security into account they've told us exactly what security technology to incorporate into our devices. by the time we finished making this film the federal office for information security hadn't yet certified any of the eight manufacturers' smart meters and anyway certification's one thing liability quite another politicians dream of manufacturers being liable for everything in the future as
8:51 pm
a manufacturer what do you have to say about politicians demanding product liability you get it hence the law as equipment manufacturers we find this whole topic really difficult to address imagine that we have a hacking attack on these devices in three years time how can we say now that will happen and where the attack will come from we just will try to address the risks as best we can over time so we're always up to date me that's why it him of who not to listen would be nuclear option for you don't know but i don't think any system is totally secure in your hide it's garbage and kind of says the manufacturers and hackers agree there'll never be one hundred percent security in the digital world the goal has to be to give hackers the biggest run for their money as they can because for them too time is money. the federal office for information
8:52 pm
security has a simpler interpretation when you get into a car which is also highly complex with many individual systems and engine brakes and steering wheel it's relatively clear that the car manufacturer is always liable for all areas of all subsystems that don't work but in the cyber world we say it's so complex we're all using it and nobody's liable because it's hard to prove. unsolved liability issues security loopholes wherever we turn and daily attacks from the web there are even digital blackmailers penetrating areas that are literally a matter of life and death. i look as can i was what happened at the lucas hospital which was a fully digitized hospital and one of the district's intensive care centers was that we were informed that the entire infrastructure had been shut down because of a ransomware attack so it could no longer provide emergency cover stories of we
8:53 pm
wondered what would happen if a patient with a heart attack had to be taken to somewhere fifteen minutes further away and died as a result of this schildt what happened february twenty sixth in the lucas hospital is an important part of emergency care in the district it's fully connected in order to save lives patients' scans are remotely accessible so that better and faster treatment can be given for example then there are the results of the tests done on hundreds of blood samples every day the network distributes them to the relevant departments in real time the cardiology department relies on modern i.t. too these days the digital revolution is also revolutionizing medicine and increasing life spans it is what's important is that everything's faster we get results right away i can take scans to the patient scans i didn't have before and
8:54 pm
show him or her the problem or i could show the patient other examples of pneumonia . and of your highly connected and then that was a problem what happened was we had an external hacking attack to protect our data the systems had to be shut down with that the complete system was switched off and our capacity was significantly reduced fees in the woods here digital blackmail always follows the same principle. it happens when someone opens a manipulated attachment when surfing a fake website when clicking on a bad link by making such a wrong click malware. is activated which then spreads undetected in the system disguised as a harmless code the trojan grabs all the data and encrypts it nothing can be done anymore the trojan has taken over the computer. the victim is given a choice. either the data is destroyed forever or
8:55 pm
a ransom has to be paid quickly. those who pay have to hope that the attacker will decrypt the data again after a successful transaction. those who don't pay may well lose it forever. no patient was harmed but the damage cost the lucas hospital millions of euros its digital structure had to be rebuilt. whether it's a highly specialized hospital or a simple hotel as soon as they hook up to the web they are vulnerable to attack. our research has shown that security measures aren't keeping up with the rapid pace of digitization. i present our
8:56 pm
research results to the president of the federal office for information security we had hacked lightbulbs and managed to break into a building that way we could have taken wind turbines off grid or even entire heat and power plants. so are we really better protected than ukraine. of course we'll close these loopholes over time businesses have to face up to their responsibilities and we have to introduce minimum standards and that's what we're doing together it's a task for society and i would prefer critics not to spread panic and instead make constructive. contributions instead of pinpointing weak spots also put forward possible solutions really critics just complain but don't contribute about an account of your forty billion dollars in cyberspace we live in a globalized world can one government or a single country even guarantee security at all as it does the state isn't
8:57 pm
responsible for everything the state protects its citizens but it's like in traffic if i drive drunk and cause a crash and i'm personally responsible we try to explain to people that when the traffic light in the cyber world is red you should stop and take the relevant measures but there is green you can proceed if you've installed the necessary updates for example the updates a lot of money has most of if you don't stick to those rules you shouldn't be surprised when you get run over one of them a different version of hard. but given how many security loopholes we have found is it really that simple and we personally decide whether we're going to drive a car nobody else does but we don't have that same choice in the context of the green energy and the risk is much greater to. me said has confirmed that just a simple mass produced component could suffice to trigger a major disaster to stay with the traffic light metaphor traffic lights are good
8:58 pm
but what happens when hackers switch the mode to going. when cities are engulfed by the sea. then all the. walls and costly protective measures with. nothing.
8:59 pm
challenging our future starting november nights own double. every journey begins with the first step and every language of the first word i looked in the nikko he's in germany to learn german. business just why not thank goodness. it's simple online on euro mile and free. stuff. d w z learning course those big german made easy. i mean. he's a doctor what kind of diseases can be healed sperms that a reporter so what part of this implant is inside the ear but it's not. cost in the draws on
9:00 pm
a wealth of insights totally different experts and whole fields of medicine were. in good shape. long do you believe. this is d w news why but from berlin tonight it's a boy it's a girl or neither nor a landmark court ruling means that germany could become the first european country to offer a third gender on birth certificates it's being called a small revolution.
