« See All Blog Posts

Security at the Edge from a Hardware Perspective

Cyberattacks and Cybersecurity

  • Stolen data
  • Disruption of activities
  • Equipment damage
  • Income or revenue lost

These are just a few of the consequences from cyberattacks. Do not wait until your company suffers an attack to take measures! This article will explain how to protect your hardware against criminals.

Even the biggest oil companies worldwide have been victims of security vulnerabilities from as early as 2009. Criminals accessed sensitive legal, financial documents and information on deals. These attacks are possibly the result of targeted corporate espionage.

However, cyberattacks can have other motivations. For example, the WannaCry ransomware attack from 2017. In this case, the target was not a specific company but an old Microsoft operating system: a worm encrypted the computer’s files and asked for ransom to be paid in cryptocurrency. The ransomware crypto worm spread worldwide scaringly fast through governmental agencies, hospitals, telecom companies, colleges, manufacturers, private computers, among others. Revenue lost quickly reached the billions and human lives were endangered.

What is cybersecurity?

Cybersecurity describes the equipment, techniques, strategies, and services to protect computer systems, networks, hardware, and software from attacks to disrupt normal business operations, steal, destroy or change sensitive information and/or extort money from users.

There are five levels of protection that you should assess and improve:

  • Hardware level
  • Storage level
  • Access Level
  • Software Level
  • Network level

Most companies have been focused on the storage, software, and network levels because the largest, most famous attacks have been due to a vulnerability in those levels. As a matter of fact, it is very likely that an employee is familiar with Firewall protections, antiviruses, password best practices, 5G/Bluetooth or LoRa limitations, software update best practices, and self-encrypting storage devices or software. Truth is that most criminals will try to gain access to your information remotely before physically damaging/tampering with equipment, especially if security is tight in restricted facilities.

Why should you care about hardware protection?

Even though gaining physical access to equipment can be more difficult than digital access, you still need to protect your company starting at the hardware level. This is particularly important for distributed architectures, IOT (Internet of Things) applications, or Edge Computing. In other words, if not all your equipment resides inside restricted facilities (inside a data center, for example), hardware protection becomes relevant. Gaining physical access to equipment allows criminals access to your network and files which can lead to extortion, financial or data loses, or business disruptions.

In addition, you need to consider the human factor. Humans have limited biological capabilities and are subjected to emotions. In fact, people forget passwords and credentials and can be manipulated into providing sensitive information. Therefore, you can leverage hardware protection devices and strategies to complicate gaining physical access to equipment.

Hardware security includes hardware design, access control, secure key storage, code authenticity checks, and secure supply chain. In fact, these are some basic strategies to protect yourself at the hardware level:

  1. Trusted Platform Module (TPM)

TPMs commonly are chips for securely storing PC authentication artifacts like passwords, certificates, and encryption keys. These chips store measurements to help ensure that a platform remains trustworthy and can be installed in mobile phones or network equipment.

  1. Hardware Security Module (HSM)

A Hardware Security Module is an external device or plug-in card that safeguards and manages digital keys. This module also performs encryption for digital signatures. This is a strong authentication device to help fight the stolen credentials threat.

  1. UEFI Secure Boot​

The UEFI Secure Boot is a security standard developed by members of the PC industry.​ The standard ensures a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). ​ As a result, when the PC starts, the firmware checks the signature of each piece of boot software, including UEFI firmware drivers (also known as Option ROMs), EFI applications, and the operating system. If the signatures are valid, the PC boots, and the firmware gives control to the operating system.​

For more possible hardware vulnerabilities and how to avoid them, read this blog.

Finally, if you want to defend your company you need to protect all flanks against common threats and unlikely risks: from the network and software level to the hardware level. If you want to know more about how we can help you fight, continue reading about cybersecurity.

Sources:

https://www.computerweekly.com/news/1280095257/Exxon-Shell-BP-hacked-in-Night-Dragon-attacks

https://www.vox.com/new-money/2017/5/15/15641196/wannacry-ransomware-windows-xp

More information on Windows 10 Secure Boot Process: https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process