a cyber-attack on Supeo, an IT service provider for the largest Danish railway company, stopped trains for several hours. Supeo provides a solution that machinists use to access critical information – work data on tracks and speed limits. During the attack, the provider shut down its servers, causing the application to malfunction, and the drivers were forced to stop the trains. After the restoration of train traffic, the next day did not go on schedule.
– In March, Toyota suspended 14 factories in Japan for a day due to a cyber-attack on Kojima Industries, a component supplier. The cyber-attack also affected other Japanese car manufacturers – Hino and Daihatsu Motors.
– In the second quarter, a major attack occurred on three Iranian steel mills, disrupting technological processes, and in one of the factories, the attackers managed to bring down a liquid iron bucket and cause a fire.
Chapter 5. About Technology
Cloud computing
One of the most sought-after technologies for digitalization and digital transformation are cloud computing, storage and services. Accordingly, the focus in the IS organization is increasingly shifting to the responsibility of providers. Here you need to look from two angles:
– major cloud service and infrastructure providers;
– local startups and small providers.
As for the first, everything is fine here: the major providers realize that they will attack, and therefore will take measures. Forewarned means armed. Additionally, in general, cloud services of large providers are developed on the principle of “all enemies around”, plus they have competent specialists in IS. Such centralization also allows fewer professionals to protect more data.
However, relative to startups and small providers are getting sadder. They don’t have the resources, and they’re likely to lose most of their money clients. The same applies to local data centers and IT services that develop within industrial companies. They are generally unable to provide the necessary level of protection. Or, as they said earlier, they just begin to go into a blind defense, and for business loses all sense of such cloud services, they are simply impossible to use. At the same time, the number of malware for Linux is growing.
The fact that almost 40% of all vulnerabilities identified and closed in 2021 with the help of PT researchers have a high level of danger also makes you wonder. Most importantly, 12.5% of all vulnerabilities have been identified in the software designed to provide protection against hacker attacks. Additionally, despite all the current situation and sanctions, the guys from PT comply with the responsible disclosure policy regarding the found vulnerabilities, i.e. inform the developers about all found vulnerabilities before they are published in the public domain.
Mobile applications
The second area that is developing along with digitalization is mobile applications: for customers and loyalty programs, for employees, mobile handlers, fixation of dangerous events, public services. Any larger organization has its own application.
At the same time, according to PT, the most popular vulnerability of mobile applications is storing user data in an open (or easily reversible) form. There was also a situation where important data was stored in public directories. Additionally, the overall share of deficiencies associated with unsafe data storage was more than 33% of all vulnerabilities found. That is, what hackers are interested in, and is one of the most frequent problems.
Experts of PT in 2022 conducted a study of 25 pairs of applications (Android – iOS). Almost everyone had problems with data storage. One of the key reasons is the excessive confidence of developers in system protection mechanisms at the level of the operating system, ignoring multi-level protection.
The largest share of vulnerabilities (14%) was in the public storage of user data. The second place was divided by vulnerabilities related to checking the integrity of applications and storing confidential information in the code (9%).
Additionally, almost every application has at least one of the following flaws:
– no detection of operating system hacking (root on Android and jailbreak on iOS);
– lack of integrity control of executable files;
– no obfuscation (code entanglement).
Android and iOS: who is safer?
Android apps have always been considered a good target for hackers: open system, wide options, easy to leave a hole in the app. With iOS it has always been the other way around: developers have little opportunity to make a mistake and leave the unnecessary “doors” open. Additionally, there was a paradigm – we buy for TOPs devices on iOS, and they are protected. However, now there is a change in this trend. Google is increasingly restricting applications, forcing developers to specify the necessary functionality. Additionally, according to recent news, Android 14 will completely block the ability to install legacy apps. And both through the application store and through self-downloading installation files. In iOS, by contrast, new ways of interacting with the operating system and with each other are becoming available to applications. In general, the boundary between platforms is blurred, and using iOS devices for TOPs in the hope of absolute security becomes too risky an undertaking.
Конец ознакомительного фрагмента.
Текст предоставлен ООО «Литрес».
Прочитайте эту книгу целиком, купив полную легальную версию на Литрес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.