Today, every business – no matter how large or small – is threatened by costly, debilitating, and even catastrophic invasions from viruses, malware, and ransomware that can corrupt the vital data networks and information systems on which we all depend. Never has the need for effective cybersecurity been greater.
The Rapid Rise of Cyberspace
The triumph of digital technology over old ways of doing things is remarkable, both in its near-universal scope and in the speed with which it deployed. Our eagerness to work faster, more accurately, and more productively; our desire to connect with each other more frequently; and our responsibility to manage the data emerging from these rapid developments was so urgent that the world was wired very rapidly. Then, suddenly, the wire itself was no longer necessary, and it seemed that all space was cyberspace. Indeed, the microwave spectrum was alive with human activity.
The desire for the benefits of digital connection and immense computing power were so great, in fact, that human beings stepped willingly – almost without question – into an arena that was almost completely counterintuitive, as the non-physical nature of cyberspace defied easy description or understanding. Although avid adopters acquired a language and grasp that was unforgiving of the billions left behind, most people, even today, remain unfamiliar with the underpinnings of digital technology and cyberspace. The default explanation for an emerging world that rarely stooped to explanation was, “It’s intuitive.” Though usually unintentional, that claim was almost always misleading.
In fact, the digital world that emerged was not only thoroughly counterintuitive, but also full of paradox. It was like the discovery of Planck’s constant, at the outset of the 20th century, which was the formula that reconciled the actual, observed spectrum of energy with the formal curve that logic, based on Newtonian physics, had projected. That was the dawn of quantum mechanics, in which the facts of the very small seem to be at odds with what we see in the visible universe. Cyberspace – and the world it brought forth – is often like that. Frequently, it doesn’t seem to work like the world we knew before, the world we could see.
The Open Front Door
As the founder of The Connectivity Center, I brought with me a unique perspective on cybersecurity that has both breadth and relevance. Working for decades at the nexus between data-user needs and the makers of quality electronic devices provided a perspective that is fueled with the insights, agility, compassion, and understanding that I got from working with people who were ushering these digital developments into usable forms, and also with the people who were quick to adopt them. Not just “in love with the gear,” as so many authorities seem to be, I developed a respect for the people willing to put these tools to work. As we made that interface more accessible, I came to understand its vulnerabilities from the ground up.
I began my work in Huntsville, Alabama, the hotbed of rocket design and missile engineering during the Cold War arms race, a city that continued to play a larger role as space exploration took its place alongside defense as a national priority. In this environment, I found direct connections with industries that depend on data centers to bring solutions to the unforgiving and ever-evolving requirements of those urgent times.
Later, when mainframes gave way to stacks of servers, I was fortunate to work with dreamers and designers who pioneered many of the communications technologies used in today’s data centers. As the market began to embrace the advantages of distributed access, we all saw vulnerabilities emerge as much of the computing power left the data center in the direction of the desktop. Gone are the days when protection meant taking care of a large machine behind a locked door.
Gone are the days when our access was through the appropriately named “dumb terminal”. What came afterwards were machines that could think for themselves. The network became more of a tool used to negotiate communication between smart devices rather than simply a connection back to the mainframe. New technology brought with it new points of access – data ports like USB, serial, RJ-45, CD/DVD drives, SD card slots, and so on. Each point of access brought with it a new point of vulnerability.
This is where our focus began on physical solutions for cybersecurity threats. Every new day at The Connectivity Center provides yet another opportunity to identify points of access that should be most concerning to our customers. Capping the many phases of digital development that I saw firsthand, my current vantage point provides me a special opportunity to see, hear, and understand what vulnerabilities might be least protected.
Maybe the most striking thing about these physical solutions is how often they are overlooked. In fact, among the $170 billion spent annually on cybersecurity, almost all that spending is on programs, software, and other online solutions to the threats. Remarkably, almost all those solutions are based on a response to an incursion, rather than on preventing the incursion itself.
We say this is like a homeowner buying every digital device in sight to secure the home, and even to control the home’s operations while they’re away – and yet leaving the front door wide open. Unfortunately, when businesses and companies leave their front doors open, the results can be catastrophic. Two real-world stories illustrate the magnitude of this physical threat to computer network and information security.
Story #1: How a Thumb Drive Took Down an Emerging Nuclear Threat
Iran, a nation that was steadily developing nuclear weapons capability that would destabilize a belligerent region and, indeed, threaten the world, was set back by what some say was a decade or more when the Stuxnet virus was introduced to the computer network at its Natanz nuclear plant. That plant supported that nation’s uranium enrichment program, and had robust security measures in place, yet the virus was able to bypass elaborate computer network and information security measures there.
Was this virus uploaded remotely by a genius in cyber network security and launched from a top-secret online lab?
No. A simple thumb drive – a common USB flash storage device – dropped at just one of this country’s facilities carried this virus, now legendary in cyber-warfare circles. Within months, the virus caused more than 1,000 infected machines to disintegrate; it is reported that Iran decommissioned around 20% of its centrifuges at the Natanz plant during the attack.
The impulse for a person to add to his or her personal storage and transfer tool kit is somehow more powerful than all the policy manuals, warnings, signs and security cameras that can be directed against it. Apparently, even the smartest people are susceptible, and even the most disciplined military and security personnel are not immune to this impulse to use the stray thumb drive.
A study at the University of Illinois demonstrated our susceptibility to flash drives. The study investigators reported that more than half of the thumb drives that were left in parking lots were picked up and plugged into PCs within hours of being found. The controlled experiment at the University of Illinois concluded that a flash drive attack is not only effective, with an estimated 45% to 98% of dropped drives connected, but also expeditious, with the first drive connected in under six minutes.
Story #2: Even the U.S. Department of Homeland Security is Vulnerable
In yet another example, it was widely reported in 2011 that, as part of a study, the U.S. Department of Homeland Security randomly dropped USB and optical drives in government and private contractor parking lots – and more than half of those who picked one up readily plugged it into their work computer. Bloomberg News reported that 60% of those workers and contractors who picked up the drives plugged them into office computers. The report also said that 90% of found drives stamped with official government logos were plugged in.
Clearly, this proves the viability of attacking computer networks with the simplest-possible approach. As to the reasons why professionals could be so careless, it seems that an element of human nature includes seeing oneself as an exception – or seeing this instance as an exception. That, evidently, is all the permission that people need to plug an unidentified flash drive into even the most “secure” computer network.
The lesson here is that intentional attacks are far from the only way that sinister viruses and malware come into data ports. In fact, intentional attacks are most likely the minority.
The broader threat is unintentional. A thumb drive that gets used at home and then at work brings with it anything the home computer might have picked up along the way in the form of bugs and bleeps from the vast Petri dish of the Internet.
USB flash drives are not, by any means, the only devices that serve as carriers of computer viruses and malware. A smart phone that was synced to the home computer brings these viruses and malware to work just as thoroughly, and if an employee plugs in at work to charge, then the viruses and malware find a new home at the office.
If the USB port is the front door, the unassuming flash drive is the lock, key, and knob all in one.
What Makes the Paradox So Striking
Like cybersecurity, the desire and urgency behind home protection and monitoring systems is evident in their very proliferation. The growing glut of home security devices can be fascinating – and distracting – in its sheer variety.
Door connection monitors and motion sensors were early forays into remote monitoring of the home, and even today most home security systems still are based on notifying a central station of any anomalies, and then triggering a two-stage response to a possible incursion. Today, both active and passive motion sensors are available, as a sign that further development did continue, even in a paradigm that was based on reaction and remote response, rather than on prevention.
Surveillance cameras might be considered the next step up in electronic home security. Whether true or not, the image of this solution has been that it was better suited for the “rich-and-famous.” Constant cameras were for many years a solution chosen for businesses, warehouses, governmental and defense installations, and other applications that could devote serious budgets to security. Lately, image sensors have become available that, to a certain extent, might eliminate the need for continual human monitoring of the surveillance cameras in some applications.
One blessing of the digital age seems to be that things get less expensive – if you can afford to wait. And so it is with surveillance camera solutions for home security. Now, video doorbells are available that can send video signals from the point of view of a homeowner’s front door to the mobile device in their pocket and do it remarkably inexpensively.
This continual evolution of electronic home security is mirrored in the programming and software solutions to cybersecurity, with one important difference. We can presume that the homeowner who deploys electronic security has at least locked the front door. Strangely, people who depend on data networks and information systems for the life of their enterprise usually do not do the same.
Where to Find the Answer
Yes, it appears that the obvious is dealt with last when it comes to cybersecurity. Blocking the hundreds of data ports and connectors that exist in the workplace – with computer security devices designed precisely for the task – is the only way to truly complete your cybersecurity perimeter. In addition, making sure that authorized persons have ready access is just as vital to the efficiency and effectiveness of your organization as blocking them is vital to security.
Locks and keys for your ports and connectors are among the most basic solutions, and they provide reliable security protection for your computers and laptops. Lockable connectors not only provide secure USB connections, but they also lock your devices so that they cannot be removed without authorized access. Locking high-speed cables complete the security perimeter.
This is barely the beginning of what devices are available today to lock the front door of your network security perimeter, but it is a beginning to consider with some sense of urgency. Without securing your devices, your data ports, and your connections, the front door to the systems on which you depend remains wide open.
