The urgency of cybersecurity for hardware devices

Cybersecurity is a challenge across all echelons of the global economy and deciding how to approach the growing capabilities of hackers is a feat that companies are ardently trying to tackle with major investments in products, solutions, and services. Most have been focused on software security and until recently hardware connected devices were not a priority focus.

Threat actors, including state-sponsored, and criminal enterprises are becoming more sophisticated by searching for vulnerabilities to exploit machine learning, and artificial intelligence tools. And they are targeting both software and hardware gaps.

A big target for hackers is the Internet of Things (IoT). The Internet of Things (IoT) broadly refers to devices and equipment that are readable, recognizable, locatable, addressable, and/or controllable via the internet. By 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average and that also amounts to trillions of sensors connecting and interacting on these devices. According to the McKinsey Global Institute, 127 new devices connect to the internet every second.  What’s new with the Internet of Things? | McKinsey

Unfortunately, many of these devices are not manufactured in the West, lack standards, and users often rely on the weak security of default settings. They make an enticing collection of targets for criminal hackers. Digital connectivity of our phones, computers and other devices allows for greater convenience, but also greater risk– every point of connection to a system is a potential portal of attack.

To address the issues of cyber-securing everything we may be connected to, companies are developing innovative approaches to cybersecurity. Their solutions combine physical and software security to lock and enhance the safety of every point of connection within an organization’s technology.

Protecting Hardware Components of the Network

One specific area of concern is USB devices. Recently, the FBI warned that cybercriminals have been mailing out USB drives that are unknowingly used by their target victims that spread ransomware and launch cyber-attacks. It is much like a social engineering attack but not online. The infected USB drives are sent via the US Postal Service and UPS, impersonating the Department of Health and Human Services in some cases, and Amazon in others. According to the FBI, some packages are designed to resemble Amazon gifts—containing a fake thank you letter, counterfeit gift card, and a USB—and in other cases, the USB drive is accompanied by letters referencing COVID-19 guidelines.  FBI: Cyber criminals are mailing out USB drives that install ransomware – Cyber Security Review (cybersecurity-review.com)

In addition to USB drives, cybercriminals often hack into HDMI ports. HDMI ports are everywhere, and many configurations are vulnerable. A hack can be exponential in impact. Via a single HDMI connection malware can be spread to every device connected through HDMI ports.

According to FIU Professor Selcuk Uluagac, director of the College of Engineering and Computing’s Cyber-Physical Systems Security Lab (CSL) A. Selcuk Uluagac - People - ECE - Florida International University - FIU) has noted that if a hacker can access an unsecured HDMI-device, they could inject malicious commands to make the device do things it’s not supposed to do. They could bombard the device with repeated code and shut it down, turn it on and off, and more. With this, there are dangers for individuals and businesses.

The growing reality is that hackers are seeking out unsecured ports and systems on companies and especially industrial systems connected to the Internet. But there are several immediate potential remedies to those threats.  

Separating Signals That Pose Threats To Devices and Networks

Often, cyber defense advances in parallel to cyber-attacks. An Israeli company called Fibernet LTD.  (https://www.fibernet-tech.com/solutions/cybersecurity/)

known for their data center expertise (including for CERN), has also developed of a line of products to keep secure USB, HDMI, and similar data lines. Fibernet’s solutions allow companies to target high-level secured environments, including multi-media peripherals, by separating source and data. Fibernet restrings, emulates and separate signals keeping functionality and avoiding any possibility of hacking through these lines. This is a unique different approach as Fibernet devices will block the attempt before it reaches the network.

Cybersecurity at the signal level is an interesting approach as physical security is based on the laws of physics– it makes it physically impossible to transfer data in the wrong direction, denying an attacker access to your system. In conjunction with strong software security that directly preserves the operationality of internal and operational software itself.

Fibernet CEO Avner Aslan says that the most common reason companies fall victim to these cyberattacks is they only focus on strong software security and overlook physical security against data breaches.  He notes, “Think of this as leaving the front door to a house locked shut while the back door is wide open, allowing anyone to enter freely and easily.” 

Hardware-separated Operating Systems

A research and development company based in Virginia, Inzero Systems  (inzerosystems.com) has developed products to protect against sophisticated phishing attacks based on hardware-separated operating systems or endpoint data separation security. They have created hardware-separated operating systems, or HSOS, that exist and operate in the same mobile device or computer. The HSOS creates two (or more) independent operating systems in the same computer. Each OS thus has its own kernel, RAM, storage, and drivers. Neither OS cannot access the other.

Their approach means that no matter how sophisticated or effective malware is that accesses the computer in OS, even if it gains all the user’s privileges for that OS, it cannot access the other OS. The other OS can be secured knowing that it is not vulnerable to anything transpiring in the other OS.

Finding hidden Devices In the Network

Another company, Sepio (sepiocyber.com) has specialized in asset visibility by finding devices that companies and organizations may not be aware of that exist in their networks.   Sepio’s hardware fingerprinting technology discovers all managed, unmanaged, and hidden devices that are otherwise invisible to all other security tools. Sepio HAC-1 is a hardware access control platform that provides visibility, control, and mitigation to zero trust, insider threat, BYOD, IT, OT and IoT security programs. Their platform is further augmented by a threat intelligence database, ensuring a lower risk to hardware infrastructure.

Fortifying The Platform With Threat Detection and Mitigation

Another approach is from the company Intel Inc.  https://www.intel.com/content/www/us/en/architecture-and-technology/hardware-shield.html with their Intel® Hardware Shield and Threat Detection Technology for Enterprise Window devices. Intel’s hardware-based systems help protect endpoints by identifying threats that are not visible to threat detection software tools.  Their solution delivers integrated hardware-based PC protection, which includes below-the-OS security, application and data protection, and advanced threat detection.

In the scheme of cybersecurity things, it is all about fortifying vulnerabilities and closing gaps that criminal hackers might exploit.  That is an urgent requirement. Software has certainly been a choice method of infiltration for malware. However, hardware risks cannot afford to be neglected in today’s cyber-threat landscape.  Companies need to secure both software and hardware that are the Ying Yang of Cybersecurity, These aforementioned companies, products, and solutions (and more) should be considered as tools in a holistic risk management approach for cyber-securing all that is connected to the rapidly expanding digital ecosystem.