Triton malware: protect your network against the latest threats

Malware has been a threat for as long as the Internet has existed. Hackers constantly devise new ways to exploit applications, websites and networks to plant their viruses. Any compromised device becomes a danger to its user and to every employee of the same company.
Malware is typically associated with cyber attacks that aim to steal personal information or to break a website. But today, with the multitude of new devices connected to the Internet, the danger can take a more physical form. Triton is a type of malware considered to be a computer virus capable of killing, because of the role it could play in triggering an industrial disaster.
In this post, we will look at the major trends in the Internet of Things (IoT) around the world and the potential impact of Triton malware on the future of IoT.

New infrastructures in the industry

The IoT movement has provided a growing collection of equipment and devices with Internet connectivity. Gone are the days when it was necessary to install a dial-up modem at home or at the office to manage a single computer or laptop. With the spread of WiFi, dozens of devices can now stay continuously connected to the same home network.
Connected speakers capable of receiving voice commands and performing certain actions are an example of a very common IoT device. Other smart devices such as light bulbs, security cameras, thermostats and even coffee makers can be controlled from a mobile application. The principle is to improve the flexibility and ease of use of some traditional devices by providing them with Internet connectivity. The problem is that this makes securing a home network one step more complex.
In the meantime, the IoT wave has also swept the business world, especially in the manufacturing industries. To monitor their production and security levels, companies are now installing smart sensors at every stage of their production cycle. The information collected is transmitted to powerful analysis systems to feed business intelligence.

The discovery of Triton

The first instance of Triton malware was discovered in 2017 at a petrochemical plant in Saudi Arabia. Cybersecurity experts spotted software that had been deployed on the plant's local network by a group of hackers. This software made it possible to obtain high-level access rights to internal safety systems, including special sensors designed to detect any dangerous situation and trigger emergency shutdown procedures.
By compromising these safety systems, hackers could control them remotely over the Internet. In a catastrophic scenario, they could have turned off the sensors or fed them wrong data and triggered a potentially deadly disaster.
Fortunately, the malware was spotted before a second attack. Since the initial discovery, an experienced team of cybersecurity experts has been reverse engineering Triton to dissect it.
Despite the experts' progress, the Triton threat has not disappeared. New forms of malware have appeared on the networks of other industrial sites, and experts believe that many companies are unaware that they are infected. The risk is that these companies attribute their malfunctions to minor problems, without grasping the extent of what is going on behind the scenes.

The impact of Triton on the Internet of Things

Each IoT object that is added at home or in the office represents a new vulnerability for the local network to which it is attached. The increased risks posed by these smart devices are often due to the simplified operating system they use to fulfill their basic functions.
Hackers will always look for the most effective infiltration route. In other words, even if their ultimate goal is to take down a back-end server, nothing prevents them from launching their attack from another device. As networks expand to host ever more IoT equipment, staying protected online becomes even more difficult.
In the face of health and safety risks, governments are also becoming aware of the cyber security challenge posed by malware like Triton, and of the role they have to play. In the near future, smart device manufacturers will be required to meet more stringent standards on how to secure the embedded software of their products.

How can industries protect themselves?

Given the challenges, industrial companies must also intervene as early as possible to protect themselves from Triton and other similar forms of malware. New types of firewalls and intrusion detection systems now also use artificial intelligence (AI) to detect and block incoming threats. But none of these tools is foolproof.
Training must be an important part of any cybersecurity strategy. In the workplace, employees need to know what to look for and how to protect themselves and the company. There is a simple way to do this: require that any employee who goes online from the company's offices use a virtual private network (VPN).
Some security experts would go so far as to recommend that the company make a personal VPN service available to all its employees, not just teleworkers, so that they always use it when they connect to the Internet for whatever reason. This can be seen as a 2.0 business benefit that would save the company's network in the event of a disaster.
In the event of a successful attack, the company must have a disaster recovery plan so that it is ready to respond. In the face of malware such as Triton, all relevant IoT devices and equipment must be turned off as soon as possible and their network adapters disabled. This prevents the virus from spreading across the network and keeps safety-related systems from being infected.

The final word

Computer viruses can have fatal consequences, as evidenced by the dangerous nature of Triton malware. Compromised IoT equipment or objects are a major safety liability. A malicious hacker is able to infiltrate a network and trigger a chain reaction that can lead to a real disaster.
Protecting people from such attacks requires a chain of shared responsibility. The smart device manufacturer needs to provide enhanced security protocols for its products. Companies using these products must block intruders outside their network perimeter. Finally, governments must compel all companies to adhere to appropriate standards to ensure the safety of people and avoid accidents.
