this is bbc news. i'm martine croxall. the headlines at 8pm. i suspect that there are quite a lot the government insists that theresa may had to reach out cities that might be interested in looking at this sort to labour in order to move of technology and if it's not a bus forward with brexit. it could be a refuse vehicle, but it has angered some conservatives. working withjeremy corbyn is not it could be a delivery lorry, it could be on all sorts of things. something i want to do at all. it is not something now, we don't need to just keep the prime minister wants to do. but far worse than that, would be to fail to deliver on brexit. things running with low emissions. no confidence in corbyn. keeping things running at all can be a challenge. labour defends its handling imagine the chaos if these of complaints about anti—semitism traffic lights went down. after reports that the party failed now imagine if the whole system went down due to a cyber—attack. to take disciplinary action. but it's notjust about transport networks. it's also large factories or power stations which have already fallen fighting between army rebels and victim to these types of attacks. and dan simmons has been shown some research which suggests our pro—government rebels infrastructure might be a lot more threatens the capital in aaa. a vulnerable than we previously thought. british woman has been arrested in dubai for calling and ex—husband —— her head —— ex—husband an idiot on the ukrainian example was presumably done by a nationstate actor and there they were able
to successfully, you know, turn off the lights in a neighbourhood. and that, to my mind, shows just how severe the consequences are. eitan goldstein has been helping secure the energy and utility sectors for almost ten years. you may want to disrupt oil and gas markets, right. the saudi example was the more recent of the two. and that was one where, presumably, a nationstate actor was specifically targeting safety systems in oil and gas refineries. and so there the assumption, the implication was that they were actually trying to cause physical harm and that one was really scary because they were directly going after the safety systems. so where does it all begin for the countries or criminals behind such attacks? today, eitan‘s offered to show me a tool called shodan. shodan specifically tells me what devices are open facing to the internet, all right. and so what that tells me is there's part of my attack service, my cyber exposure out there that probably shouldn't be there and particularly
its industrial control systems. it helps me then prioritise where i'm exposed and what i need to do to start to reduce risk. we're searching for these. individual bits of kit that control the big industrial systems. they‘ re called programmable logic controllers. or prcs, and if you're running a water plant, power station, or factory, for example, you don't want to just anyone fiddling with them. we know that there's now 6,000 of these plcs connected to the internet. and this is a real time... this is real time. and they should never be connected to the open internet like that. so there's over 5000 mistakes being made at the moment? there's many more than that. this is just the tip of the iceberg. these are just the ones that we can find now. yeah. and, look, this is a list of the countries where they're located. yeah. and so the power of the tool is the ability to click down. so, look, there's nearly 1000 of these in germany. right. so let's pull that up here. and what this will start to do here is give us some more
information on the specific devices, the companies, where exactly they are. and, as you can see here, just to give you a sense, you've got a wide range of, you know, leading german companies, smaller manufacturing firms. what we're finding here is that industrial control systems are vulnerable everywhere. it's a risk for everyone. it's part of your cyber exposure for everyone. now, many of the control systems and infrastructure are old and don't get a software update that often. which is one reason to keep them off—line. but increasingly we're connecting more devices to the workplace, so the opportunities for an attack go up. this week an independent report conducted by a specialist research agency suggests a far worse picture than previously thought. nine out of ten of the 700 security professionals working in critical infrastructure that took part in the survey commissioned by tenable said their workplace had suffered damage as a result of at least one successful cyber—attack in the last two years. but does it mean systems also went down? if you look at healthcare, oil and gas, utilities, transportation.
roughly half of them in the last two years have experienced some sort of attack or a breach around their industrial control systems that has led to a shutdown. now, i think it's fair to say that you have to take this report with a pinch of reality, because the experts that responded did so possibly because they had something to say. so you might expect the figures to be a little bit higher than, perhaps, what is truly the case. but even allowing for an adjustment for that, this report paints a very different picture to the everything's 0k scenario that the public might be persuaded to believe. under—reporting of cyber attacks against critical infrastructure is commonplace and it's notjust to protect reputations. it's in order to keep the confidence of us, the public, in the services provided to us, all around us, every day. the anonymity provided to the workers who responded to this, not the ceos or the bosses,
might also have loosened some tongues. back at the board and we've narrowed our search to one particular programmable logic controller that's known to have security problems. what i've been able to do is find this device with a known vulnerability found by tenable. surely nobody would leave these connected to the internet? you've even got a gps. you can find it on the map. so what i'm able to do now, and again remotely, is click into that device and i can remotely change the password. it's notjust this one company. shodan delivers up dozens of potential targets for us, including a major telecoms provider in the uk, germany, and in this scan, romania. shodan and tenable help companies find where their vulnerabilities are. but are organisations doing enough to protect us and could this happen again?
the absent electricity — some very core functioning goes down. you don't want to need medical care, should that happen, for example. and so the consequences can indeed be quite severe. as to the motivations of the attackers, i don't know, but certainly nothing good, right. it's a way to almost disable a modern functional society. what do you believe is the probability of an attack on that scale in the united kingdom? on that scale, quite low. i think it's important not to fear—monger like that, right. you know, the risk is real, the vulnerabilities are real, the cyber exposure is growing. there is that gap that you and i talked about earlier, but that doesn't mean the lights are going out in london next week. and i think we should be really sober about the risk. you don't need to exaggerate it in order to address it. and if they do go out, if this programme goes out after such an attack... and i was wrong?
i trust you'll edit thoroughly. laughter. that was dan and that's it for the short version of the show. you can us on facebook, instagram and twitter at @bbcclick. he's the indian film actor whose global fan base runs into the billions, and visiting the uk this week, the bollywood superstar, shah rukh khan has been honoured with a degree for his work in philanthropy from the university of law in london. in an exclusive interview with the bbc — khan says gender inequality in india in the workplace is narrowing and that he's seen
a positive change in roles and salaries within the indian film industry since the "me too" movement began. bbc asian network's shabnam mahmood reports. known as the king of bollywood, shah rukh khan is one of indian cinema's biggest stars and one of the highest—paid actors in the world. more used to receiving film awards, he's now being given an honorary doctorate for his work in philanthropy. thank you very much. genuinely, i want to live to be 100 years so that i can... now i'm 50. ..i can dedicate the next 50 years doing something worthwhile. and, you know, when i meet people around the world, i meet some youngsters, some old people, they will turn around and they say, "you know what, yourfilms make us happy." and that is very encouraging but i want to make people happy now, personally. over the years, he's championed equality for women.
so, have things changed in the industry following the "me, too" movement, which saw women standing up to sexual harassment globally? the roles of women and the kind of attitude that you have at workplace for women is changing for the positive. but i think overall, when i see some of the actresses get the kind of roles, and even salaries, which i think should be even more equal than it is right now, i think it's very heartening. however, there are some things shah rukh khan feels don't need changing, like the film censorship laws in india. you know, there are going to be issues between creative people filmmaker wants to disturb the sensibilities of the audience. but i don't think any law or rule is outdated, i think of course you'll have to keep on refurbishing them, and people are changing, the society is changing, but culturally, i think we are a very strong nation. and i think that needs to be respected always. the bollywood superstar has made
around 80 films over the last three decades. is it time now to take up more senior roles? my next role will be as sexy as my last one. so, you want me to be a sexy father, sexy hero, whatever you want me to be. shabnam mahmood, bbc news. now it's time for a look at the weather with sarah keith—lucas. good evening. for the second day in a row, sunday will be contrasted across the uk. we have a lot of sunshine in the west and south—west, this picture was taken by one of our weather watchers looking across the brecon beacons national park, a lot of blue sky there, the same cannot be said for here in york. grey sky, and more in eastern parts of the uk have seen cloud and outbreaks of rain. we keep this cloud and rain, particularly in southern and south—east england, and the midlands
and into wales, northern ireland too. this slow—moving weather front will stick around for the next you days. in the north not particularly cold. a touch of frost in rural scotland. in general, low cloud, mist and scotland. in general, low cloud, mistand murk scotland. in general, low cloud, mist and murk from the north sea. we have this easterly breeze ringing in cloud from the north sea, this weather front bringing in cloud from the north sea, this weatherfront bringing in rain. in wales, we see showers. some getting into northern ireland. to the north, sunshine, a misty and murky morning but some will burn back, lingering around the east coast. in the west, more sunshine and the highest temperatures. they are generally in the mid—teens, cooler around the east coast. sunny weather in south—west england but some showers are likely around the aisles of silly and the channel isles. this band of cloud and rain in the
south—east of england and south wales, with a lot of dry weather further north. a settled day, some missed and low cloud, but in the east it feels cooler, and around newcastle it's about 9 degrees. plymouth with sunny spells in the south—west of england. 0n plymouth with sunny spells in the south—west of england. on tuesday and into wednesday, blue colours edging in from the east. cold air which will take charge as we head through into the middle of the week. 0n through into the middle of the week. on wednesday, we lose that weather front from the south. some showers in the english channel but it is a drier day in general. it's a misty and murky start folsom of us. some sunshine, not particularly warm. single figures around aberdeen and newcastle but milder towards the south—west. goodbye.