Saturday, December 2, 2023

Cyber-Physical Attacks Leave People Vulnerable and Helpless

Cyber-attacks can lead to various consequences, including injuries and death. Surprising as it may seem, security breaches in cyberspace have an impact on the physical environment.

A malicious actor can seize the computing or communication components of various systems and cause damage to property and endanger people’s lives. For instance, they can turn the building’s lights off, make a motor vehicle steer off the road, and force a drone to land on enemy territory.

While attacks of this kind aren’t new and we’ve been familiar with the risks for some time now, we’re slow to react to them. The invisible threat keeps on growing and more and more computers are hacked.

Cyber-physical attacks are accelerating alongside the IoT. While nothing catastrophic has occurred yet, the experts believe that it’s just a matter of time. It’s highly likely that the cyber-attacks will strike at a local or regional level. This pretty much leaves people vulnerable and helpless because they’re not safe at work or at home.

Using computers affects the physical world in ways that we wouldn’t have imagined. More exactly, as more physical objects are controlled by computers that are interconnected, there will be new threats in terms of bodily injury and property damage. Cyber-attacks, which are aimed at compromising data/information and obtaining financial gain, now affect regular individuals, not only corporations.

Data-driven Environments, Powered by Connected Devices and Network connectivity, favor cyber intrusion

As highlighted before, advanced technology facilitates cyber intrusion. A hacker can send malware, including viruses, over the Internet, which penetrates the targeted device and allows them to gain full control. Many areas of our economy rely on operational technologies that are increasingly interconnected. The increase in cyber-attacks is directly proportionate to the increase in the number of IoT devices. The items in question are vulnerable to hacking because they rely on aging architectures. More often than not, IT departments are completely unaware of the number of devices on their networks, so it’s unreasonable to expect them to manage security issues on time.

While software systems have changed our lives for the better, they can lead to non-negligible damage, physical damage in particular. We can all remember the NHS cyber-attack, when GPs and hospitals were hit by ransomware. It was impossible to access patient data and ambulances were diverted from hospitals. Luckily, no one died during that incident. When it targets critical infrastructure, a cyber-attack causes real-world deaths. Most of us take for granted the fact that we have a place to go whenever we’re ill. But what if we couldn’t access the necessary treatment? It would be a disaster. WannaCry canceled surgeries and appointments all across the United Kingdom.

It’s believed that interconnected cars will be the chief cause of accidents in the future. Automotive manufacturers will no doubt need a team of cyber security experts to protect the cars of the future. Since vehicles connect to one another, they automatically become vulnerable to cyber-attacks. As these vehicles will be fitted with even more advanced technologies, there will be an impact on car accident compensation claims. According to the compensation specialist lawyers, with years of know-how, working at, human error will begin to fade away. At this point, there’s no way of knowing if cyber-crime will kill the autonomous car. However, automakers will have to dedicate more time to secure their products.

Cyber-physical attacks have a domino effect that we can’t afford to ignore

With the enormous amount of sensitive information stored digitally, organizations must take the proper protective measures. Cyber-attacks have a considerable ripple effect. More exactly, a coordinated attack launched by sophisticated malicious actors can have devastating effects on business operations and destroy their brands, alongside profitability and margins. Within the networked economy, it’s difficult, if not impossible to contain an attack once it’s launched. The outcome is that all sectors of society are affected because smart technologies are used to control everything from her work we do to our spare time. A cyber-physical attack can easily have a domino effect, which translates into the fact that it doesn’t remain within the walls of the organization that’s being threatened.

Standard cyber security insurance policies don’t offer protection for bodily injury and property damage. Insurers insist on the fact that it’s not necessary to provide specific coverage, but reality has proved them wrong. No matter if insurance companies claim that commercial general liability covers claims arising from data breaches we know that it’s not enough in the event of a costly litigation. Speaking of which, a new tort of negligent enablement has been proposed, which holds software providers accountable for malicious actors that exploit vulnerabilities. Basically, they can be sued for cyber security negligence (i.e. the lack of proper cyber security measures).

What’s important to understand is that until insurance companies catch up with the risk, organizations risk being sued for cyber security negligence. The lawsuit can be based on the vulnerabilities of the information security infrastructure. Regardless if the injury in question is of physical nature or it’s an injury to character, the cyber security vulnerabilities are responsible for the risk to the sensitive information. The plaintiff has a strong chance of winning the case, which doesn’t come as surprise. Negligence is the number one leading cause to cyber-physical attacks. In plain English, the human factor plays an important role in escalating an incident of this type.

Final considerations

Cyber-physical attacks can represent serious offenses and the end result is always astonishing. The bad news is that it’s impossible to eliminate all the risks associated with cyber intrusion. But that doesn’t mean that we shouldn’t even try to do something about it. To be more precise, it’s possible to reduce harm. Security must be built into the connected devices given the rate at which malicious actors change their strategies. Digital, as well as electronic communication, is a potential hacking opportunity. All in all, we should keep up with the speed of IoT.


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles