Tuesday, September 17, 2019

Can smart objects become a cyber threat in Industry 4.5?

The emergence of the Internet of Things (IoT) has increased the number of devices connected through the Internet. The "cloud" today is formed not only by a huge network of interconnected computers and computer systems, but also by the multitude of devices that make up the IoT, such as industrial sensors, smart appliances, home automation equipment or smart city devices, among others. As we will see below, this vast set of elements can be used to launch cyberattacks against any type of organization. According to Gartner, the IoT will reach 20,000 million devices by 2020, all of which are susceptible to being “hijacked” by cybercriminals. The magnitude of this figure justifies the concern of companies and institutions, and their need to prepare for potential cyberattacks that involve objects connected to the Internet.

Until recently, hackers would maliciously seize networks of hundreds of interconnected computers and schedule an attack on the computer infrastructure of any type of organization, to disrupt its normal operation, bring it down and, at the same time, damage its reputation. To do so, the cybercriminals instructed these computers to connect simultaneously, at a given moment, to the computer system under attack in order to make it fail. Now, with the emergence of the IoT, in addition to seizing these computer networks, hackers can “hijack” countless devices connected to the Internet, such as thermostats, smartwatches, webcams, routers, media players or smart appliances, and schedule far more harmful attacks. To take them over, they identify easily compromised IoT devices and gain control using, for example, the default username and password. To do this, they use specialized tools through Internet search engines, where they find specific device models that have security flaws.

An illustrative example is the attack launched on October 21, 2016, known as Mirai. That day, the company Dyn DNS, an Internet service provider, suffered a distributed denial of service (DDoS) attack produced by the Mirai botnet, which used IoT devices among its attack elements. The collapse of Dyn DNS affected its customers, well-known companies such as PayPal, Twitter, GitHub, Amazon, Netflix or Spotify, which were left without service for a few hours.

The consequences of the cyberattack suffered by Dyn DNS, probably the first in which IoT devices were used, show the need for preventive solutions that detect and mitigate this type of action. Denial of service has been, is and will continue to be a headache because of its complexity and constant evolution. Universities, research centers and computer security companies seek detection and mitigation methods to prevent and counteract this type of attack, aware that those on the “bad” side are genuine specialists with deep knowledge of computing and communication networks.

While denial of service attacks are among the most harmful, hacker creativity has no limits, and attackers constantly design and develop new attack methods or improve existing ones. Ransomware attacks (malicious encryption of the memory of a computer, with a "ransom" demanded for decryption), persistent threats (malicious software that is difficult to detect, is installed on a computer and produces harmful effects at random over a prolonged period of time) and attacks on critical infrastructures, to name just a few examples, are becoming well known and appear in the media quite frequently because of the public and social impact of their effects.

In the face of cybersecurity threats, there is no choice but to adopt preventive measures, which come down to two. First, apply the concept of security by design. That is, any computer implementation, device or system connected to the network must be conceived from the beginning with its potential cybersecurity vulnerabilities in mind, so that they can be eliminated through correct design. Second, users' awareness of existing cybersecurity risks is very important. This means taking great care on several fronts, for example with authentication methods (being careful with passwords), with email management (not opening messages with unknown attachments) or with the use of devices (for example, untrusted USB devices that could infect our computer with malicious code), among others.
