
tv   Doc Film - Hacking Germany  Deutsche Welle  November 18, 2017 7:15pm-8:00pm CET

7:15 pm
taking off soon had to berlin versus gladbach on sunday a take on hamburg and braman battle over. a quick reminder now of our top story thousands of involved have protested in the capital harare to demand president robert mugabe's resignation after four decades in power bought the veteran leader is resisting calls to step down. you're up to date now here on d. w. news going back again at the top of the hour omarion everything from all of us here in berlin thanks for watching. the end of that i v so that's why i think it's really important to give a bit of time and love back to the families who make so much effort.
7:16 pm
in your. four o'clock in the morning in a small town two young men approach their target they're part of our team of investigators they're going to enter a building without leaving a trace. the break in begins from above the person controlling the drone could be as far away as china or russia the drone is such protected networks and reporting them back to the hackers. the drone has reached the network and you can see the first packages coming i see the
7:17 pm
first devices showing up the first communication we can read it. it's as easy as it so. sounds. as an attack as we've been just. digitization has now reached many areas of life in germany giving criminals new opportunities we hear about hacking attacks almost every day not least on our industrial infrastructure sometimes the victim is telecom sometimes it's an industrial giant such as to some crook in one country cyber criminals even achieved a blackout what if something like that happens here. the scenario has already been played out in. how much danger is germany in. we've asked several hackers to find out for us.
7:18 pm
to highlight the dangers that come with increasing digitisation we start our research in the every day digital world where we're promised security and convenience. the digital home controlling entire buildings with no bond devices is becoming increasingly popular like here in austria for example. this charming little hotel is such a building and we're going to take a closer look at it the owner has agreed he doesn't know when the attack will occur. owner could cinna has embraced new technologies there were regular problems in his stressful everyday life such as with the cold store on one occasion the door wasn't closed properly another time there was a power cut that's particularly bad when the hotel is closed the goods spoil quickly and the financial damage to the family is significant. we always had
7:19 pm
a problem that's on public holidays we weren't able to monitor our cold storage. we thought about what to do about it. and some things we bought a sensor for the cold store that sends temperature data straight to our mobile. phones in the guns and then print we get an e-mail and can react to it immediately. the temper to the temperature app was just the beginning of you've added other smart functionals can you tell us about those. you know if you don't know who has an alarm located by the front door of the hotel. or in the process of investing much more in this direction so we can be even safer. than dark right. be it analog or temperature sensor. controls all of the functions via his phone
7:20 pm
the app sends the data via the internet he was advised by his son and he'll play an important role later on in this film but first the father will show us his digital world. in his home for example he has a lock with an access code that he can also control via his phone. this internet of things promises to be intelligent convenient and secure. the smart home bundles a number of functions so that they can be centrally controlled the intelligent control over this house takes care of the lighting it opens and closes windows and it monitors doors in connection with an alarm system it controls the solar panels on the roof and is supposed to help with managing energy consumption apps
7:21 pm
from the internet of things can also be centrally controlled. items include household devices such as washing machines and surveillance cameras even light bulbs can be connected to the internet now all these items can be controlled remotely over the internet with a small van. but how easy is it for hackers to access this data and thereby learn for example that the home of the hotel guest is currently unoccupied. sébastien cold air is an expert he's looking for security loopholes to warn users not to harm them he'll hack the hotel for us to be asked to let the son of the owner will help him he advised his father but he's learned a few more things since then the two hackers have developed programs that can
7:22 pm
manipulate smart home controls from the outside. as a source until it is the smart homes promise security these components such as the burglar alarms are sold on the basis of delivering security and difficulty in most cases technically knowledgeable attackers will be able to access these systems or influence various functions in these smart homes. as a financial and smart homes to baffles. hotelier i could still not bought into these promises for a long time too he was excited about intelligent light bulbs that he could control from his smartphone as a protection against burglars for example but what he didn't see coming is that he brought about exactly the opposite. for us as attackers the light bulbs aren't interesting we want to open doors without being verified since both are online and
7:23 pm
those are using the same encrypted material it's easier to attack the lightbulbs rather than the lock which is better protected. it's friday eighteen minutes to eight the peak period we're starting our attack on no test. equipped with a transmitter and an internet connection the drone penetrates the hotel network then it sends the data to the two hackers. we're in the alarm system is deactivated the door's open we can get in. the hotelier feels safe because the app tells him everything's fine. the two hackers aren't damaging the door they're using the key but even
7:24 pm
a crowbar would have gone undetected because they deactivated the burglar alarm first. their entry remains unnoticed by the app to the surveillance cameras were manipulated from the outside for the past thirty minutes they've been showing a photo that was taken before not the two intruders. they've even remotely cracked the combination lock for the private hands. yeah. godzilla still doesn't know that we've already completed our trial burglary his security i didn't train. the door's open we can go in.
7:25 pm
your son just broke into your hotel like you say to that. i'll be honest i'm very surprised that it was that easy. to get you out i always thought we had a safe house but that is this is easy in this day and age via certain smartphone apps still really surprises me in house. shows yet we too are amazed at how effortlessly the hackers succeeded in their attack. unfortunately from professional experience it's no surprise but as a private individual you should be angry. your promise features and security and end users innocently buy these products but are completely left in the dark about their own security. the security is fake and believed. hotel.
7:26 pm
has asked his son to take the insecure devices offline. experts have a theory that ukraine is a kind of test lab for hackers trying out the latest cyber weapons. in a vendor twenty fifteen this malware called black energy triggered a widespread power outage in ukraine a year later there were more severe cyber attacks on the country even though the people of kiev don't see much of the civil war attacks on the electricity grid quickly became a matter of life and death in this struggling country the ministry for state security has invited the international press to report on the latest cyber attacks in the country they targeted the financial system the metro and once again the country's power supply the old malware black energy is still fresh in people's minds but it already has
7:27 pm
a successor. janko witnessed the attack on the electricity grid he takes us to the scene of the crime about an hour's drive from cannes. well secured from the outside the electrical substation outside the city because of the war with russia the country's energy supplies in a desperate state their electricity demand can barely be met. then the engineer shows me the room where he was forced to look on helplessly as the instruments developed a life of their own and couldn't be controlled from within anymore it was not i have the night shift on a completely normal day at the substation everything was fine and then towards midnight the switches started changing color because of so when we got some leadership is that is. when i looked at the voltage divider transformers. i
7:28 pm
understood that the substation one hundred ten to three hundred thirty kilovolts didn't have any voltage anymore but it wasn't as far as the apollo. we were all shocked nobody could believe it that. the cyber attack caused a red alert in the biggest control center in europe which monitors electricity lines from russia to the e.u. . there are a lot of the director of the state energy supplier sees political motives behind the attacks and these attacks could have disastrous consequences for the whole of europe in the future they could be you know he can muster with all the european countries that have modern administration systems with highly connected centrally controlled i.t. systems even more vulnerable than ukraine's isolated i.t.
7:29 pm
systems when in a bus why i believe that the things happening here will have consequences for developed countries like germany and austria. i think because we're not so linked up the consequences for the ukrainian electricity grid were less than what could have happened in those other countries i mentioned where even the political system agree the make you know about a machine is movable to the ukraine got off lightly but such an attack could have more serious consequences in germany how safe is our energy supply given the increasingly connected nature of our systems the federal office for information security refers us to existing laws governing the protection of our critical infrastructure. the i.t. security law came into force in germany in summer two thousand and fifteen there are minimum standards requirements for operators of. it's
7:30 pm
a cool energy plants to report attacks that has given us a different level of protection therefore i think an attack like the one on ukraine isn't likely in germany really we want to know more. when visiting an expert who's interested in exactly this topic could hackers use loopholes to trigger a europe wide power outage. this is matty has done hina he wants to know how high the risk of a blackout is we've already had a taste caused by a cruise liner from the my ashes. and that was the fourth of november two thousand and six. when i luxury liner was delivered on the ends up with far reaching consequences a cut a single high voltage power line was switched off there were communication problems
7:31 pm
between the grid operators this resulted in a europe wide chain reaction. bomb all the people didn't know what was going on they couldn't reach the electricity supply e.d.f. so they called us but we didn't know what was going on either all when power would be restored. the power cut lasted two hours. why is the world's biggest electricity grid so vulnerable. because it vibrates as the experts put it. doesn't just because this is the european electricity grid it reaches from turkey to portugal and denmark to italy it's not a national grid it's a big european wide grid as for us what's the frequency at which it vibrates. in europe it's fifty hertz plus minus smallish deviations but jeff. really speaking
7:32 pm
it's fifty hertz the frequency reacts very sensitively to outages imagine it like a pair of old scales there's the demand for electricity in the sum of all electrical consumers and then there's the supply normally the systems in balance if a power station fails one side becomes lighter while the other becomes heavier my frequency drops and sing the other power stations notice that and say ok let's power up a bit to restore the balance and then i get my grid frequency of fifty hertz back of the jets. to cause a blackout hackers would have to find a way to switch off as many consumers or producers simultaneously with one click. but what do i need in order to bring about a blackout. this is imo i have a lot of wind energy and solar energy in the grid that has to be
7:33 pm
a blackout in europe lasting several days potentially would bring everything to a standstill concern about the vulnerability of critical infrastructure brings hackers scientists and operators together when meeting an old acquaintance who has already had experience with hackers as the manager of a municipal power plant. is the manager of the municipal works in etling and he's also responsible for power supply beyond just the subject of decentralization is highly topical infinity supply circle last twenty years ago we had around twenty energy producers here. today we have almost nine hundred. eighty of this custom a generation is hooked up to our control center that creates new risks around i.t. securities there's a loophole that could be abused and would steal because. we set out to find potential loopholes and quickly find one at
7:34 pm
a primary school in the town center. while i.t. classes are taking place upstairs the future of the energy transition is starting in the schools. the new heat and power station that's to supply the town center with electricity and heating has just been completed protected by thick walls and under the supervision of the municipal utilities these plants are supposed to guarantee the power supply. staff on sized bag have found something after just ten minutes despite thick walls there's a wireless network in the sama. something i see no need for there to be a wireless network down here because maintenance technicians can use a cable. a simple cable instead of a wireless network would provide security but remember maintenance is more
7:35 pm
convenient and cheaper the move toward sustainable energy sources is also creating power stations that can be controlled wirelessly via an app an internet connection and a wireless router. this router is very easily accessible we're just looking into what other devices we can access via this router and whether we can access them by the control system of the power plant. and indeed other unknown individuals have already been inside this network yet. we found out that people have connected to this network with their phones in theory they also have access to . a standard router with an unsecured wi-fi network to control a small power plant we simulate an attack on the router and switch it off. thank you. the municipal utilities control
7:36 pm
room can't do anything but watch it's yellow now and that means the connection has been interrupted if it remains interrupted for more than five minutes it turns red and then there's nothing you can do is just be the problem is that we can't have a connection to the heat and power station anymore come from yours and we can no longer control it from here we can't influence the temperatures or output and we can't do anything remotely if a problem occurs if there is a problem we don't find out about any more than. a convenience metal from it. as a gateway for attackers with any luck such events will be limited to student pranks . i'm going to cycle if you had the time and you're connected to the wi-fi network you could sit out here disguised as a student and try to get access for as long as you like. the big danger is that
7:37 pm
someone who really wants to break something will attempt it. the individual locked in here with a phone can do that too. in actually going town center the security of the supply depends on one small router municipal utilities boss has to react and repair. the colleague and my colleagues who took a look at it are going to develop a security concept to make these heat and power stations secure from attacks i think they view it from the i was inside city of ottawa an irish so vibrant is that if we had sixty power stations and you switched them all off at once then we'd have a very serious problem with the giving and he says it's you feel like it's about psych like. at its most extreme it could lead to a blackout extreme five isn't to downplay coward. but are we just talking about
7:38 pm
an individual case about carelessness you know this programmer has stumbled across a loophole in the system that shows how dangerous even the most minor faults in a single router could become for the whole of germany. after moving house alexander graf wanted to make a phone call with his old phone via his new provider's cable modem since that didn't work he took a closer look at the modem and made a frightening discovery. while searching for the problem with his phone he came across a network connection to the provider's entire cable network. the password he needed to access it came with the modem one was even an encrypted in his word his memory. millions can be made on the black market with such an unrecognized security
7:39 pm
loophole known as zero day foods does can spy on millions of citizens as they do their phone banking or make expensive foreign phone calls via the numbers a billion devices could be affected from routers to aircraft. as it is use wherever we have safety critical systems and certainly also in respect of infrastructure such as nuclear power plants the question is always how linked up are the systems that are open to attack a security loophole becomes particularly problematic when you connect systems that weren't designed to be connected when you have systems that don't have any security concepts for access rights for example but you put them online and then they're open to attack that's a real security risk. linking up devices creates additional risks the
7:40 pm
vulnerability of individual devices is worrying enough but it's only when they're linked up that blanket attacks can occur but when the risk is so high why are devices even linked up in this way why don't we operate every wind turbine and solar panel separately. we get the answer to this question at the university of professor get higher she has resigned as shown that the transition to renewable energy can only succeed if all producers are intelligently connected. experts call these networks smart grids smart grids need different meters smart meters that will be getting in time that's the only way to balance out the green energy produced resulting in a stable electricity grid interview.
7:41 pm
if we want to use wind and solar energy we have the problem that wind doesn't blow all the time and there's no sun at night on these if we have to track the ups and downs of production to deal with them and that's what we get from the smart grid. that's not as much because if our electricity comes from solar or wind power production and consumption have to be matched up every second there's a fluctuation in how much electricity is produced so we need smart grids and the test lab. that test facilities here and yes in addition to this roof we have a test area and i'm saying ns and another one in he just that and that in and sing and it's twenty five percent of the energy requirements and in his estate and no less than one hundred percent is produced locally from solar power the future of the energy transition seems to have arrived the synchronous grid of continental europe as it's called will only remain stable in its fifty hertz frequency if we
7:42 pm
manage to keep the decentralized production of millions of citizens in balance with all household consumption the cobra family are in the middle of the energy transition they live in one of the test areas in oem they've made their own home smart much to their children's delight. they like playing with all the gadgets. patrick coba appreciates the convenience but he's professionally secured his network. the command centers located in the basement of that home we try to hack it but to no avail the passionate tinkering has used a simple trick. after having
7:43 pm
a chat with our insulation companies we decided to have the heating controls offline they're installed on a computer that has no connection so it can't be attacked. his project home is simply not connected yet and that's why it's safe but that's to change soon if the government gets its way soon every house will be connected with a device that will replace traditional meters a smart meter. smart meters aren't just to measure the consumption and production of electricity in future they should actively control the performance of solar panels wind turbines and consumption in the home the vision is as follows if there's too much electricity the smart meters will switch on washing machines crank up fridges and charge up electric cars if there's too little electricity then smart meters should be able to draw on reserves such as from the batteries in
7:44 pm
electric cars. smart meters already in use in spain italy and finland germany is lagging a few years behind although the rollout of smart meters in germany started officially on the first of january twenty seventeen there are no devices yet that meet high german security standards. nevertheless the industry is celebrating the market of the future. having smart meters is an opportunity for germany i want to get right to the heart of it the law to digitize the energy transition has removed the final hurdle after five years of political discussion we have cleared the way for the introduction of smart meters. i citizens are coming of age in the field. energy two they can now make independent
7:45 pm
decisions will be entirely new business models we don't know many of them yet but i always have an image in the back of my mind from the liberalization of telecommunications when we give young children an old fashioned telephone with a dial today what do they do if they try to push the numbers or swipe them because that's the kind of change i'm hoping for with these new smart meters what does anything for in the league millions of a good spot media in for. a new world but is it safe. the massive use of smart meters caused hackers have a vast quest to come up with a plan. and. he and a colleague were able to hack into millions of smart meters in spain with just a single device. fortunately he's one of the good guys. it was
7:46 pm
a test that's why spain suffered no blackout we were able to get into the networked world smart meters and control them. which obviously is funny because then you're smart meters. were getting installed remote disconnection feature that basically means that if you don't pay your bill the electrical company will just shut down your electricity remotely with a click of a button on a remote computer maybe about one thousand kilometers away from your house. and we were able to control that. even found a way that would that out to craft custom updates which could be considered somewhat i was because if you craft a custom update we'll shut down at some time or we'll listen to a back door command or whatever it will turn every smart meter into our flashing tool so basically one
7:47 pm
a smart meter will update others then when those others get updated with the code they will update other so it was spread pretty much like a virus to us even though it's not running our we always but the way of working is the same so you could cause a big blackout just. by having access to one smart meter and i mean i says i don't mean open in it i mean just some got to go port and no one would ever know how it was started. how it happened. have you immediately reported the security loophole to the manufacturers after which he started working for a company in oh. what the serious security problems that the spanish not need has in mind having a vast quiz the dance team took on a german model they spent several weeks looking into a first generation device from a german manufacturer one however which hadn't been built for the demands of the transition to renewable energies. first impression of the board was
7:48 pm
that it was just really basic it's very clear that the product itself wasn't developed with security in mind and took off from people for. it's very easy for any attacker who has physical access to the device and for the hassle as a manufacturer can't understand every component using complete detail they just look at the bits that are relevant to them and that's what they build their entire product around them but if the components do other things to. they don't need and that can be a weakness. to know how to live. while we're doing our research the manufacturer gets in touch with us. the company tells us they're aware of the weaknesses and are working on a new generation of devices and that they have invested several million euros into making these devices safe.
7:49 pm
the connector connector one was advanced for a first device of this time but attacking it is no longer a problem i think a good hacker could do that with a decent mobile phones a little more beautiful and hardly a lady can you get it again this generation of devices compares to the new one like the old nokia phone compares to modern smartphones. nokia telephone meeting high tech and small phone if they so devices were connected they could be attacked that's why the federal office for information security has given manufacturers specific instructions about how to protect themselves against hacking attacks. here we have the connector three point zero we've taken all the specifications issued by the office for information security into account they've told us exactly what
7:50 pm
security technology to incorporate into our devices. by the time we finished making this film the federal office for information security hadn't yet certified any of the eight manufacturers smart meters and anyway certifications one thing liability quite another politicians dream of manufacturers being liable for everything in the future. as a manufacturer what do you have to say about politicians demanding product liability. as equipment manufacturers we find this whole topic really difficult to address imagine that we have a hacking attack on these devices in three years time how can we say now that will happen and where the attack will come from we just will try to address the risks as best we can over time so we're always up to date him of who not to listen would be nuclear option for you don't know but i don't think any system is totally secure in
7:51 pm
your hide gets gobby he kind of says the manufacturers and hackers agree there'll never be one hundred percent security in the digital world the goal has to be to give hackers the biggest run for their money as they can because for them too time is money. the federal office for information security has a simpler interpretation when you get into a car which is also highly complex with many individual systems and engine brakes and steering wheel it's relatively clear that the car manufacturer is always liable for all areas of all subsystems that don't work but in the cyber world we say it's so complex we're all using it nobody's liable because it's hard to prove unsolved liability as he is security loopholes wherever we turn and daily attacks from the web there are even digital blackmailers penetrating areas that are
7:52 pm
literally a matter of life and death. i look as can i was what happened at the lucas hospital which was a fully digitized hospital and one of the district's intensive care centers was that we were informed that the entire infrastructure had been shut down because of a ransomware attack so it could no longer provide emergency cover. we wondered what would happen if a patient with a heart attack had to be taken to somewhere fifteen minutes further away and died as a result of this fresh guilt what happened february twenty sixth in the lucas hospital is an important part of emergency care in the district it's fully connected in order to save lives patients ganz are remotely accessible so that better and faster treatment can be given for example then there are the results of the tests done on hundreds of blood samples every day the network distributes them to the relative
7:53 pm
departments in real time the cardiology department relies on modern i.t. to these days the digital revolution is also revolutionizing medicine and increasing life spans we think is what's important is that everything's faster we get results right away i can take scans to the patient scans i didn't have before and show him or her the problem or i could show the patient other examples of pneumonia. and of your highly connected and then that was a problem what happened was we had an external hacking attack to protect our data the systems had to be shut down with that the complete system was switched off and our capacity was significantly reduced reason because here digital blackmail always follows the same principle. it happens when someone opens a manipulated attachment when surfing a fake website when clicking on
7:54 pm
a bad link by making such a wrong click malware. is activated which then spreads undetected in the system disguised as a harmless code the trojan grabs all the data and encrypts it nothing can be done anymore the trojan has taken over the computer. the victim is given a choice. either the data is destroyed forever or ransom has to be paid quickly. those who pay have to hope that the attacker will decrypt the data again after a successful transaction. those who don't pay may well lose it forever. no patient was harmed but the damage cost the lucas hospital millions of euros its digital structure had to be rebuilt. whether
7:55 pm
it's a highly specialized hospital or a simple hotel as soon as they hook up to the web they are vulnerable to attack. our research has shown that security measures aren't keeping up with the rapid pace of digitization. i present our research results to the president of the federal office for information security we had hacked lightbulbs and managed to break into a building that way we could have taken wind turbines off grid or even entire heat and power plants. so are we really better protected than ukraine. is of course will close these loopholes over time businesses have to face up to their responsibilities and we have to introduce minimum standards and that's what we're doing together it's
7:56 pm
a task for society and i would prefer critics not to spread panic and instead make constructive. contributions instead of pinpointing weak spots also put forward possible solutions really critics just complain but don't contribute about an account of your own for to believe in god in cyberspace we live in a globalized world can one government or a single country even guarantee security at all as a state isn't responsible for everything the say protect its citizens what it's like in traffic if i drive drunk and all cause a crash and i'm personally responsible we try to explain to people that when the traffic light in the cyber world is red you should stop and take the relevant measures but there is green you can proceed if you've installed the necessary updates for example up it's a lot of money has most of it if you don't stick to those rules you shouldn't be surprised when you get run over it one of them a different version of haven't heard but given how many security loopholes we have
7:57 pm
found is it really that simple and we personally decide whether we're going to drive a car nobody else does but we don't have that same choice in the context of the green energy and the risk is much greater to. me said has confirmed that just a simple mass produced component could suffice to trigger a major disaster to stay with the traffic light metaphor traffic lights are good but what happens when hackers switch the mode to going.
7:58 pm
the ducted by rebels at the age of eleven forced to marry at fourteen released at twenty two evelyn story is fairly common in uganda tens of thousands of children are kidnapped abused and forced to become child soldiers and their trauma continues even after they return home because communities often reject them children of terror young rebel captives in uganda. in fifteen. freedom of expression. a value that always has to be defended and new. all over the world. are to afraid of freedom of art. a multimedia project about artists and their right to express their views freely.
7:59 pm
d w dot com to freedom. it's all about the moments that lie before. it's all about the stuff inside. it's all about george chance to discover the world from different perspectives. join us inspired by distinctive instagram or zz. d.w. story the topic each week on instagram. this
8:00 pm
is d w news live from berlin and zimbabwe has turned out in the tens of thousands to demand president robert mugabe's resignation the streets of the capital harare.


Uploaded by TV Archive on