This development raises a pressing question: How can a “single vulnerability” cause a comprehensive disaster? And what measures must be taken to secure smart systems in the future?
In this context, Dr. Mohamed Mohsen Ramadan, head of the Artificial Intelligence and Cybersecurity Unit at the Arab Center for Research and Studies, affirms that software code is the lifeblood of the modern era, and that a software error poses a “direct threat” that can lead to “the disruption of entire cities, the manipulation of sensitive systems, or the cause of massive human losses.”
He explains that smart systems, despite their accuracy, are not immune to errors. The larger and more complex the programs, the greater the likelihood of security vulnerabilities. Global reports indicate that about 90% of modern systems contain vulnerabilities that may remain dormant for years before being discovered. He adds that aircraft guidance and autopilot systems rely on complex programs, and that any minor error can cause loss of control, as happened in previous international accidents due to software defects, where an unexpected malfunction can turn into a real threat to flight safety.
Regarding self-driving cars, Ramadan points out that some accidents resulted from inaccurate sensor readings or vulnerabilities that allow hackers to control the car remotely, including the brakes, making any car vulnerable to attack if it is not adequately protected. He adds that software errors in power plants, communication networks, or in medical devices such as ventilators and drug pumps can have dire and life-threatening consequences.
For his part, Major General Tariq Attia, former First Assistant Minister of Interior of Egypt for the Media and Public Relations Sector, believes that a vulnerability is the “weak point” that attackers exploit to penetrate protection systems and cause material damage, noting that some vulnerabilities are sold on the black market for prices reaching millions of dollars.
Attia identifies six basic measures for protection and prevention: immediate isolation of affected systems, technical impact analysis and identification of the scope of the problem, notification of competent authorities and technical teams, issuance of an urgent update and notification to users, in addition to documenting the incident to ensure it does not recur in the future.
He concludes by emphasizing that addressing software errors and vulnerabilities is no longer just a secondary option, but a mandatory necessity to protect lives and ensure the stability of countries in an era when programming has become more lethal than traditional weapons.
