Are Your Credentials On The Dark Web?
Why Increased Connectivity Means More Cyber Risks
We are living in an increasingly connected world. With each day that passes, we get more and more reliant on social media and messaging platforms for both social and professional functions. And our smartphones are not the only smart devices that are taking over our lives. Today, an estimated 10.07 billion connected or smart devices are in use across the planet. And by the end of the decade, Statista expects this to rise to 25.44 billion devices. And while this will greatly improve how people across the world communicate with each other, there is also the increased risk of cyberthreats.
The Connected Planet
Today, platforms like Facebook and LinkedIn have become part and parcel of life and business. The 2020 lockdown orders which forced people to stay at home across the country further increased our reliance not just on social media, but other connected technologies. For modern and digitizing enterprises, it’s become crucial to have an IT support staff that can facilitate the creation and development of safe, connected, and streamlined platforms for online work.
This rapid rise in connectivity is even more apparent in the latest industrial smart tech applications. Today, connected technologies are revolutionizing operations across the global supply chain. Verizon Connect details how modern cargo fleets are increasingly utilizing vehicle-to-vehicle (V2V) and other smart technologies to address pain points and streamline productivity. Through wireless protocols similar to Wi-Fi, the wealth of data from V2V technologies is now being leveraged to improve a host of smart logistics tech. This includes semi-autonomous fleets, smart fuel optimization systems, and vehicle-to-network (V2N) technology, which expands V2V applications to include traffic systems and other transport infrastructure.
The Risks of Global Connectivity
All of these advances in connectivity have two things in common: they make our lives easier – but they also exponentially increase cyber risk. In a nutshell, every new digital connection that’s enabled by any of the above-mentioned technologies is a potential gateway for a hacker. And that hacker can either take money from your bank account, compromise your organization’s network, or use stolen data to take down the systems of large government or corporate entities.
So, while V2N technologies are enabling the creation of efficient and intelligent transport systems (ITS), they’re also exposing global logistics to potential distributed denial-of-service (DDoS) attacks. DDoS is a strategy in which hackers overwhelm a system with more actions than it can process. And it can be a particularly effective way of not just shutting down but controlling the world’s emerging ITS. Today, cybersecurity firm Trend Micro Incorporated estimates that over 125 million vehicles with V2N connectivity will ship across the world from 2018 to 2022. The firm explains that this is creating an increasingly complex ecosystem of connected devices – each of which is a potential vulnerability for hackers to exploit.
Moreover, with the arrival and continued evolution of 5G, there will be exponential increases to both connectivity and cyber risk. And these developments can already be observed in the cargo fleets and logistics systems that run the global supply chain – on which food, health, retail, and other major global industries depend.
The Modern Hacker
This underscores a crucial aspect of examining and responding to cyber risk today. Literally every smart object or device has the potential to become the perfect tool for persistent hackers. In fact, even basic cybersecurity protocols designed to reduce connectivity risks can be leveraged for attacks.
Business software integration company SolarWinds learned this the hard way when their network, which was built to create and protect the networks of other enterprises, was used to hack its clients. The attack happened on the tail end of 2020. The malicious code was disguised as a regular software update from SolarWinds. And as any IT support staff can attest to, making sure that your software is constantly updated significantly decreases cyber risk. However, in this case, what happened was the exact opposite. Before the attack was discovered and ended, large amounts of sensitive data had already been stolen from every company that was diligent enough to quickly update their SolarWinds software. Following the combined and months-long investigations of private and government entities, Deputy National Security Advisor Anne Neuberger said that “9 federal agencies and about 100 private sector companies were compromised.”
This includes several national U.S. departments such as the Treasury, Commerce, Energy, State, and even Homeland Security. Alarmingly, it also pierced the defenses of several tech giants and Fortune 500 companies, including Intel, Cisco, Nvidia, and VMWare. And most importantly, this threat isn’t over yet.
The attack on SolarWinds was traced back to a criminal group originating in Russia, according to the FBI. And according to Microsoft, they may have struck again. The software giant identifies the attacker as an entity called “Nobelium.” After examining patterns of attack and entryways which again were traced back to connected technology, Microsoft says that Nobelium’s more recent attacks were focused on gathering intelligence from 3,000 individuals and 150 companies. Alongside malicious updates, the attacks now include customized emails and diplomatic invitations for each target – all of which are involved in a variety of international development, human rights, and humanitarian work in 24 different countries. Microsoft explains that “when coupled with the attack on SolarWinds, it’s clear that part of Nobelium’s playbook is to gain access to trusted technology providers and infect their customers.”
With stellar connectivity comes greater risk. In the increasingly connected world, there is an even more pressing need to focus on reducing cyber risk and strengthening IT security. This is as true for technology providers and enterprises as it is for individuals who go online on a daily basis. While defending networks is a task that’s best left to the experts, in the age of exponentially increasing connectivity, managing the cyber risk is everyone’s job.
At DataGroup Technologies, Inc. (DTI), we offer a wide variety of cybersecurity services to help protect your business from cyberthreats, including: security risk assessments, email security solutions, web and DNS filtering, next-generation firewalls, network security monitoring, operating system and application security patches, antivirus software, and security awareness training. If you’re interested in learning more about your cybersecurity services, please call 252.329.1382 today or contact us here.
Article written exclusively for dtinetworks.com by Alicia Rupert
Blog post text…
Blog post text…