The IoT and Industry 4.0 have changed the way we understand the cyberattacks, whose presence has multiplied exponentially due to the increase in the number of connected devices in society. Cell phones, tablets, computers, smart cars, televisions... a host of devices that have the Internet and that relate to each other, either by exchanging information or by performing any other function. The common link in these devices is the so called firmware, a term that refers to the interface between the hareware and the software. and that makes them very vulnerable to attacks by third parties.
Classic cyber-attacks, therefore, respond to the theft of data and confidential information: phishing or malware are two common methods. But what aboutwhat about new cyber attacks aimed at large-scale physical damage??
The new cyber-attacks: IoT and Industry 4.0 as key players
Recent news offers several examples of how IoT and Industry 4.0 have changed the way cybercriminals plan their attacks. In 2010 in Iran, for example, there was a virus attack on the machinery used by several industrial plants to enrich uranium. In Germany, something similar happened, although the information that has come to light has been minimal. These two examples call into question the security system for cyber-attacks on connected devices. Nowadays, the problem is not to fight against the possibility of having our home computer infected by means of an antivirus. On the contrary, the real problem lies in avoid massive infections of industrial plants, financial institutions or public administrations with the aim of doing real physical damage.
Therefore, we have moved from small-scale cyberattacks to ones where the industrial sabotage has become the central focus. According to experts, the only way to avoid any kind of piracy in industrial equipment is to have machines and devices that are not connected to the Internet and that are not intercommunicated with each other. Logically, in the digital era in which we live this situation is impossible, since Industry 4.0 and IoT are two concepts diametrically opposed to this situation of maximum security.
The reality is also the opposite, since according to German government statistics, large companies in the German industrial sector are planning to investing 40 billion euros per year until 2020. The goal is to have 80% of the value chains of these industrial plants fully digitized.
At Zemsania Group we are IoT and Industry 4.0 experts and we take safety very seriously
How to protect yourself against massive cyber-attacks?
From our point of view, it is important to know the vulnerabilities in all phases of software production. They are the following:
- Breaking the chain of trustIt is necessary to perform an exhaustive analysis of the life cycle of the devices in order to discover the holes and flaws that may exist in the system. The belief that, because the software is only manipulated by authorized personnel, it will never be infected, must disappear.
- Development and design phaseAt this stage of the project, there may be situations of vulnerability in which the firmware may be manipulated. Therefore, extreme caution must be exercised. Similarly, it should be noted that any malicious manipulation at this stage is unlikely because it would have to come from within the company itself. Moreover, it would not be very effective, since it would be corrected throughout the development and design phase.
- Production phaseThe following is an example: to introduce some kind of vulnerability in the firmware during this phrase, it is necessary to physically access the firmware. This fact reduces the chances of success, but extreme caution must be exercised.
- Transport phasemalware is usually introduced remotely, but in the transport phase, the hardware can be intercepted and conveniently manipulated before it reaches its destination. It is obvious that to do something like this, you need to have privileged information.
- Operating phaseVulnerabilities in this phase are usually remote or occur in the facilities themselves, which makes us think about security in industrial plants.
In conclusion, cyber-attacks must be approached from multiple points of view, as many as the phases in which the entire life cycle of a firmware is structured. Hence, it is necessary to stop looking at a single point and start to interpreting cybersecurity as a global problem that affects both industry and society. This is the first step in successfully tackling cyber-attacks.