With coronavirus forcing almost all non-essential workers to work from home full time, our daily lives have been turned completely upside down. And with a new lifestyle of all-remote, all the time, our dependency on connected devices is higher than ever.
Even after the crisis passes, we can expect this trend of increased digital dependency to continue, where remote connectivity will be more deeply integrated into our lives than ever before. Not only will we simply have more connected devices around us at all times, but these devices will expound in sophistication and complexity with higher levels of functionality—and higher levels of risk.
To keep pace with this rising rate of connectivity and to keep ourselves protected from the simultaneously rising cybersecurity threats, we need cybersecurity solutions that can detect and prevent attacks to foil the hackers and prevent catastrophic consequences.
More Cyberattacks Coming
There are already new malware threats taking advantage of our increased remote connectivity. For example, dark_nexus (Dark Nexus) is a rapidly evolving botnet threatening the integrity of the Internet of Things (IoT). Dark Nexus uses known credentials and installs itself on compromised connected devices, acting as a bot to stage Distributed Denial-of-Service (DDoS) attacks.
Dark Nexus can attack many different IoT devices (router models, video recorders, and thermal cameras are just some of the devices that have already been attacked). Dark Nexus can also morph to attack different devices to carry out its nefarious activities, e.g., propagating and infecting more devices or networks from other companies to make the botnet army grow.
Attractive (and Vulnerable) Prey
Routers are highly desirable targets for hackers as they are a prevalent form of connectivity, ripe for the interception, blocking, and DDoS; thus, it is most concerning that routers are also notorious for their susceptibility to attacks. Despite routers’ significance, they are relatively low-cost devices and, therefore, do not typically include the kind of robust security necessary to deflect persistent attacks.
With millions working from home due to COVID-19, it is an even more critical time to ensure rock-solid protection for routers, as a simple hack could have severe consequences. For example, routers leave millions of homes and businesses exposed to criminals who could access personal information, send users to fake websites, upload malware, or even compromise networks to attack other networks.
How to Prepare Now
Of course, increased connectivity is advantageous to society, delivering new levels of efficiency, productivity, and innovation; however, increased connectivity also increases the attack surface area—and its value to would-be attackers.
The best defense against these attackers is preparation. We must assume that every IoT device is vulnerable and easy prey for attackers.
So, what can we do now to prepare for increased attacks in a post-COVID, hyperconnected world?
First, companies need to be aware of their IoT assets and associated risks. Then, they need to determine adequate security measures that can both detect and prevent attacks.
NanoLock Security is providing a joint solution with Dutch telecom KPN Security to safeguard IoT devices against cyberthreats, like Dark Nexus. KPN’s powerful protection incorporates NanoLock’s cloud-to-flash technology, which protects the firmware of an edge device from any unauthorized manipulation in the flash memory itself, thus, preventing malware threats, like Dark Nexus, from ever being installed.
Besides preventing attacks, this joint solution also detects any attempted attacks.
For example, if Dark Nexus attempted to install itself on an IoT device equipped with this solution, KPN’s SOC would immediately be notified of the intended threat at the moment it is happening, allowing its customers to immediately enact their prepared defense procedures. The SOC could also determine whether the attack was just targeting select devices or was aiming to attack others in the network. And when it comes to safeguarding one’s company, successfully detecting an attempted attack is just as important as deflecting it, as it is this knowledge that enables a company to collect forensic evidence—crucial data if one intends to seek financial compensation for damages incurred.
COVID-19 has created a hyperconnected world—with heightened opportunities for attacks. In the midst of the crisis, companies need to act now to increase their preventative security measures to withstand the new normal of complete digital dependency.
About Yoni Kahana
Yoni Kahana, VP Business Development, NanoLock Security, brings more than 20 years of experience in managing, leading, and developing large-scale projects in secure telecommunications and embedded systems, from idea-stage to completion in R&D, product and business environments. Yoni brings extensive cybersecurity experience, with specific expertise in securing embedded and connected devices in connected vehicles and IoT devices. Prior to NanoLock, Yoni was the Product Cybersecurity Group Manager for General Motors (GM), where he managed the Israeli Cybersecurity Group responsible for securing crucial elements in the car. He also was a Security System Team leader and Security System Product Engineer at Qualcomm and served as an officer in the Israel Defense Forces (IDF) in an elite unit where he led and developed cybersecurity solutions.
About NanoLock Security
NanoLock Security protects IoT and connected edge devices against persistent cyberattacks by insiders¸ outsiders and supply chain attackers. NanoLock provides a device-level¸ Security by Design solution with a powerful flash-to-cloud defense that secures the entire chain of device vulnerability–from deeply embedded endpoints in the device¸ to the cloud– with no additional device costs and zero computing power. NanoLock’s patented technology is securing a root-of-trust in the flash memory from leading memory vendors¸ disrupting edge device security with ironclad protection¸ secured firmware updates¸ reliable device-level alerts and a unique cost structure that shifts security investments from CAPEX to OPEX. NanoLock’s robust protection and device-level control are crucial to the success of industries like telecom¸ smart cities¸ utilities¸ industrial¸ automotive and more. NanoLock Security is the 2019 winner of the prestigious “4YFN Barcelona Startup of the Year” award.
NanoLock’s founding team and senior management are made up of veterans from the cybersecurity domain¸ representing a wealth of deep knowledge about management and security of next generation edge devices. NanoLock has offices in the United States¸ Israel and Japan.