Recent cyberattacks launched by the US and other militaries are a reminder of the vulnerabilities that all connected systems have, no matter how sophisticated or highly-classified they are.
Silently and without suffering a single casualty, the US military managed to sow havoc within Iran’s intelligence services and missile defense system with a series of cyberattacks late last month.
According to an article this month in Forbes, cyber warfare is now entering a new phase of increased integration between the physical and cyber domains and a mix of defensive and offensive cyber capabilities is now on display in this evolving battlefield.
October 2019 Update: In addition, Privacy Affairs has published Cyberwarfare statistics: A decade of geopolitical attacks, a resource which provides insights on the nature of cyber attacks, the attack origins, and whom the attacks target.
These recent attacks indicate not only the changing face of modern warfare, but also the ways that new vulnerabilities in product technology can be exploited, especially with billions and billions of new IoT devices set to be deployed in homes, businesses, and critical infrastructure control systems across the world in the coming years.
In other words, the hacking methods that can take down an Iranian missile control system can also penetrate and manipulate the connected devices in your house, your office, and the controller systems that run the critical infrastructure factories and facilities where you live. And with state actors like Iran, China, Russia, and others increasing their involvement in cyber warfare, the level of resources invested in these attacks has soared – as have the risks.
For military systems and home and office devices, going offline is not an option. These devices will stay connected and it is not enough to rely solely on network detection. In order to safeguard these devices and the networks they connect to, the devices must be resistant to modification, and have built-in runtime security tools in place – provided by the manufacturer – that will allow them to self-protect against attempts to modify their code.
As cyber warfare becomes more common in the coming years, we should expect attacks to target critical infrastructure systems, potentially disrupting the lives of many millions of people across entire countries.
In this new reality, state-of-the-art cybersecurity tools that can safeguard runtime integrity and prevent malicious actors from injecting code into advanced weapons and critical infrastructure systems is a must.