In recent years, the Internet of Things (IoT) has had a growing influence in the consumer market, reaching the heart of the industry and infrastructure. The enthusiasm for these innovations and the possibilities they have brought, however, clashes with the doubts that experts have not failed to point out about the increased risk of cyber attacks. The current situation - and especially the one in progress - can only lead to one conclusion: Cybersecurity will become more and more a central node for the security of companies in every sector.
Jean-Baptiste Gillet (Strategy Director for Cybersecurity at Bureau Veritas) pointed out that in the last four years the danger of cyber attacks against "connected objects" has increased exponentially from 3 to 7 times, with a net 50% increase from 2018 to 2019. In short, the theme of cyber security can no longer be ignored, but rather must be approached with lucidity and determination.
IoT: a possibility or a threat?
With the boom of the Internet of Things, the attack surfaces have increased exponentially - in 2025 it is estimated that the attackable objects will be 40 billion - so much to constitute a consistent slice of the sum of the devices exposed to such risk: about 25% of the total, where the remaining percentage is constituted by the classical computers.
Whether it's taking control of connected cars by cracking Wi-Fi encryption or identifying vulnerabilities in connected locks, there are more and more examples of such attacks. As if that weren't enough, hackers are also finding it increasingly easy to exploit the flaws in connected objects to create Botnets, i.e. networks of Bots, to bring threats on a large scale. A recent example is Mirai Botnet, which infested several sites and services through surveillance cameras in 2016.
Increase surfaces vulnerable to cyber attacks
At this point there is a need for clarification. The IoT universe also includes objects from everyday life, such as electric toothbrushes and blenders. The fact that a computer hacker takes possession of my connected toothbrush is not a problem not to sleep at night. But it's different if he has access to the safety system of a company that produces chemical components: controlling sensitive systems can dramatically compromise their safety and lead to very real risks for people's safety. If you have seen "Upload", the TV series available in streaming on Amazon Prime, you will surely also be aware of the danger of being able to remotely control cars with automatic driving. No spoilers: the accident happens in the middle of the first episode.
But is Cybersecurity able to meet these new challenges?
According to Philippe Sissoko, Operations Director of LCIE Bureau Veritas, a distinction must first be made between the types of "connected objects":
Short-Range Device: these are objects that work thanks to Wi-Fi or Bluetooth and are available to the general public. An example are speakers that can be connected to computers or smartphones via Bluetooth, Wearable objects such as Smartwatches or even Devices such as Google Home or Alexa. These everyday objects are particularly exposed because their danger in the event of an attack has been underestimated until now. But the increasing number of personal data theft has already raised more than a few alarm bells.
Long-Range Device: This group includes Smartphones, for example, which use cellular technology.
Another important distinction, which is directly related to the previous one, is related to the use made of IoT objects. The technology used to connect toothbrush and Smartwatch is the same as the technology used to connect the different components of an implant. And in this case, as you can easily guess, the danger that some cybercriminal could take control of the surveillance system of a hydroelectric power plant is much higher.
European Directives and Cybersecurity Act
In order to prevent these risks from becoming real threats, very strict protocols have been introduced, such as the one issued by the European Union in 2016 and the subsequent Cybersecurity Act of 2019, which provides for 3 levels of IT security with appropriate certification operations:
High for financial institutions and infrastructure
Substantial for large companies
Basis for everything else, meaning also the objects of daily use described above.
Cybersecurity as a Friend
That's where we come in. Thanks to the passion that immediately brought us closer to the subject and, above all, to the skills that we have developed over years of work "in the field", we are able to make a very specific and precise analysis of the computer security systems that your company is equipped with, so as to identify those areas that are potentially vulnerable and then create the appropriate countermeasures and ensure your work from the criminal action of clever and experienced Hacker.
The Goodcode method
Our method, which we explain in more detail here, has been tested and perfected thanks to real cases, even complex solutions, and consists of 4 phases:
For more information and for a free health assessment of your Cybersecurity system please do not hesitate to contact us. Our philosophy is linked to the concept of Cybersecurity as a Service and we would be happy to explain the advantages and advantages in detail.