Cybersecurity. As the connectivity of devices increases, the number of potential attack points for hackers also multiplies. A combination of hardware and software solutions enables data to be reliably protected in spite of this.
2019 was a record year for cybercriminals. Experts at F-Secure, a Finnish IT security provider, recorded an all-time high number of cyberattacks, running to a total of 5.7 billion. The damage caused by cybercrime is enormous. According to consulting company Accenture, companies around the world will face added expenditure and loss of revenue amounting to around USD 5.2 trillion over the next five years due to cyberattacks.
Accenture proposes three areas of action for improving cybersecurity:
- Governance: (Global) collaboration with other organisations. Companies must strengthen cooperation with managers, government representatives and supervisory authorities in order to better understand how cyberattacks can be prevented.
- Business architecture: Protection and security with a model based on digital trust. Companies must work intensively to master the basic principles of cybersecurity. They must protect their business models throughout the entire ecosystem of partners and supply chains.
- Technology: Advance business development and improve security. New technologies need to be applied, IoT security must be mastered, and preparations must be made for the quantum challenge. At the same time, software security and update functions must be integrated into mobile and IoT devices right from the very start.
In many of the more serious incidents, the attacks targeted cryptographic keys and digital certificates that uniquely identify machines or devices in the IoT. “Cybercriminals understand the power of machine identities and know they are poorly protected, so they target them for exploitation,” says Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi, a provider of solutions for machine identity protection.
Hardware-based security
Reliable protection of security-critical information in devices involves a combination of software and hardware. Software can still be modified at a later point, but hardware is protected against remote manipulation once it has been integrated. Hardware security modules (HSMs) are used for applications with very high security requirements, such as FIPS 140-2 or Common Criteria. Such modules are typically integrated as separate hardware chips, but can also be integrated into the microprocessor unit. A security chip of this kind is akin to a safe in which security-relevant information is stored separately from the software. To be able to react to attack methods that change over time, the central security module itself can also be updated.
What is FIPS 140-2?
FIPS (Federal Information Processing Standard) 140-2 is a U.S. government standard that describes the encryption and related security requirements that IT products should meet for confidential but unclassified use.
One example of an HSM designed as an integrated security module is the Trusted Platform Module (TPM). It is fed with system fingerprint data along the boot chain, which is the job of the currently active bootloader stage. Similar to a blockchain, this relies solely on the assumption that previous stages were trustworthy; the current stage has no chance to trick the system because it cannot influence the previously reported traces. When the device starts, the OS tries to access key objects that are readable only if the TPM has gone through the correct boot sequence beforehand.
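The measurement chain described above can be modelled in a few lines. This is an added example, not code from the article or from the Trusted Computing Group: it uses the TPM-style extend operation (new register value = hash of the old value concatenated with the hash of the component), while the `SealedKey` class, the stage names and the secret are constructed assumptions standing in for a key object the TPM releases only in the expected state.

```python
import hashlib

PCR_SIZE = 32  # one SHA-256 register


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(stages: list) -> bytes:
    """Replay a boot chain: every stage is measured before it is run."""
    pcr = bytes(PCR_SIZE)  # register starts zeroed at reset
    for image in stages:
        pcr = extend(pcr, image)
    return pcr


class SealedKey:
    """Toy model (assumption) of a key object bound to one PCR value."""

    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret = secret
        self._expected = expected_pcr

    def unseal(self, current_pcr: bytes) -> bytes:
        if current_pcr != self._expected:
            raise PermissionError("PCR mismatch: boot chain differs")
        return self._secret


# Constructed sample images (placeholders, not real firmware).
GOOD_CHAIN = [b"rom-loader v1", b"bootloader v7", b"kernel 5.4"]
MODIFIED_CHAIN = [b"rom-loader v1", b"bootloader v7 (modified)", b"kernel 5.4"]


def demo() -> dict:
    """Seal to the good chain, then try to unseal after each boot."""
    sealed = SealedKey(b"disk-encryption-key", measure_boot(GOOD_CHAIN))
    result = {"good": sealed.unseal(measure_boot(GOOD_CHAIN))}
    try:
        sealed.unseal(measure_boot(MODIFIED_CHAIN))
        result["modified"] = "unsealed"
    except PermissionError:
        result["modified"] = "refused"
    return result
```

Because every extend folds in the previous register value, a later stage cannot bring the register back to the expected value once an earlier measurement differs.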
The Trusted Computing Group defines how such a Trusted Computing Platform is realised. This non-profit organisation has set itself the goal of developing globally applicable industrial specifications and standards for security modules of this kind. Rob Spiger, Vice President of Trusted Computing Group, had the following to say: “With attacks becoming increasingly more complex in their nature and more devices getting connected, creating new vulnerabilities such as the possibility of everyday items like smart fridges becoming hacked, it is critical that the industry has an effective way of tackling them now and into the future.”
Cybersecurity against forgery
In this context, a good deal of hope rests on blockchain technology. A blockchain is essentially nothing more than a database distributed among numerous computers that documents digital transactions. Blockchains enable data to be stored so that it is more or less forgery-proof. Cryptographic processes are used to join data blocks such that any subsequent change can be detected.
Originally, blockchains were perceived as a Holy Grail of cybersecurity for the open exchange of information. Yet it is now evident that even this technology has a few weak points in terms of data protection. Blockchains and hardware security modules integrated into IoT devices are increasingly being combined, meaning that information can be securely saved and transferred right from the very point where the data was generated. As such, hackers have few opportunities left to do damage with their attacks.
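The two ideas in this section, data blocks joined cryptographically and records protected at the point of generation, can be shown together. This is an added example, not code from the article: it covers only the hash linking and a device-held key, not distribution across computers, and the HMAC key, field names and sensor readings are constructed assumptions (in a real device the key operation would take place inside the security chip).

```python
import hashlib
import hmac
import json

DEVICE_KEY = b"constructed-demo-key"  # assumption: held inside the security chip
GENESIS = "0" * 64


def _body(prev: str, data: dict) -> bytes:
    return json.dumps({"prev": prev, "data": data}, sort_keys=True).encode()


def append(chain: list, data: dict) -> None:
    """Link a new record to its predecessor and tag it with the device key."""
    prev = chain[-1]["hash"] if chain else GENESIS
    body = _body(prev, data)
    chain.append({"prev": prev, "data": data,
                  "hash": hashlib.sha256(body).hexdigest(),
                  "tag": hmac.new(DEVICE_KEY, body, hashlib.sha256).hexdigest()})


def first_bad_record(chain: list) -> int:
    """Return the index of the first record failing verification, or -1."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = _body(rec["prev"], rec["data"])
        tag = hmac.new(DEVICE_KEY, body, hashlib.sha256).hexdigest()
        if (rec["prev"] != prev
                or rec["hash"] != hashlib.sha256(body).hexdigest()
                or not hmac.compare_digest(rec["tag"], tag)):
            return i
        prev = rec["hash"]
    return -1


def build_sample() -> list:
    chain = []
    for celsius in (21.5, 21.7, 22.0):  # constructed sensor readings
        append(chain, {"sensor": "t1", "celsius": celsius})
    return chain


def rehash_without_key(chain: list, i: int, data: dict) -> None:
    """Model an edit made off-device: the hash is recomputed, the tag cannot be."""
    chain[i]["data"] = data
    chain[i]["hash"] = hashlib.sha256(_body(chain[i]["prev"], data)).hexdigest()
```

`first_bad_record(build_sample())` returns -1; after `rehash_without_key` changes any record, it returns that record's index, because the tag can only be produced with the device key.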