Unfortunately, constant connectivity is a double-edged sword, bringing both convenience and security concerns that need to be considered and mitigated in order to best safeguard your endpoints and network.
What Exactly is an Endpoint?
An endpoint is a unit at the end of a communication channel that is accessed via a connected network and includes devices, tools, services, applications, and nodes. Traditionally the term endpoint referred to hardware such as modems, routers, host computers, and switches connected to the network.
However, the advent of the Internet of Things has created a world populated by always-on, always-connected endpoints such as smartwatches, smart appliances, smart vehicles, and commercial IoT devices. This shift to continual connectivity poses a variety of cybersecurity challenges that need to be considered.
Whether You Consider Them Endpoints or Not, IoT Devices Pose Serious Security Concerns
Whether you consider IoT devices to be endpoints or not, it is undeniable that unsecured IoT devices pose a security threat. To help safeguard your digital assets (including your network and the data stored on it), you need to be aware of the security vulnerabilities IoT devices introduce to your network so you can make an informed decision about whether or not your organization wants to allow these devices on your network.
This is particularly concerning since most wearable tech devices don’t require a password or PIN or use biometric security features, which means if an attacker is able to physically steal your device, there is nothing keeping them from accessing the personal data on the device or potentially using it as a gateway to infiltrate your network.
The Ability to Capture Photos, Video, & Audio
The always-on nature of these devices means this can happen either with or without your consent, raising serious privacy concerns from both a personal and organization-wide perspective.
Non-Secure, Continuous Wireless Connectivity
Though most of us protect our laptops, smartphones, and tablets with PINs or passwords, wearable devices don’t typically offer this feature, creating unsecured points of entry to your other devices. Much like investing in a high-quality front door lock and then leaving a main floor window open, unsecured endpoints, including IoT devices, present a serious security vulnerability.
A Lack of Encryption
Most of these devices aren’t encrypted, which means your data is left exposed whenever you sync your wearable technology with another device (such as your smartphone) or store it on a manufacturer’s or third party’s cloud server.
Minimal or Non-Existent Regulations Leave Organizations Legally Vulnerable
Most of the security issues posed by wearable devices will need to be addressed by the manufacturers that produce them, which means the legal issue around self-regulation vs. government regulations is an important point to consider. Whether manufacturers self-regulate or fall under the purview of regulatory bodies, companies that suffer a breach because of the security shortcomings of a wearable or other IoT device will likely be held fully accountable from a legal perspective.
These security concerns should give organizations that are considering allowing wearable technology on their networks reason to pause. Though these wearable IoT devices have become commonplace, organizations should carefully consider the security implications of those devices before allowing them to potentially access sensitive company data and may want to consider keeping these devices off their networks until better security features become available.
Though your IoT thermostat and smart refrigerator might seem like odd targets for hackers, like wearable technology, the focus of the attack isn’t necessarily the IoT device itself. Instead, these devices act as a gateway to the rest of your network and the sensitive data stored on it.
Depending on how interconnected your home or workplace is, cybercriminals may be able to use these IoT devices to turn off your security system, access financial or human resources data, or even spy on your family or employees via your security cameras or nanny cam.
Attackers may also target these devices for their computing power alone, using your smart lighting system to mine cryptocurrencies (an attack known as cryptojacking, which we discuss in detail in this educational article).
Hacking someone’s car to cause it to crash may sound like something out of a James Bond movie, but with smart vehicles, this movie trope has become a reality. A recent study by a team of security researchers at the New York University Tandon School of Engineering and George Mason University found that car infotainment systems that are connected via protocols like MirrorLink can be exploited to override safety features.
Other research teams discovered similarly troubling results when looking at Mazda, Volkswagen, and Audi smart cars. This study found that MZD Connect firmware in Mazda’s connected cars can be used to run malicious scripts using a USB flash drive plugged into the car’s dashboard. In response to the research, Mazda put out a disclaimer clearly stating that third parties are not able to carry out remote customizations on their connected cars, but the data suggests otherwise.
Research conducted by Pen Test Partners found that third party car alarms (which often claim to protect against keyless entry attacks) can actually decrease security by allowing cyberattackers to exploit vulnerabilities in the alarms themselves to:
Turn off engines (potentially causing the vehicle to crash)
Send geolocation data to attackers
Allow cybercriminals to learn the car type and owner’s details
Disable the alarm
Unlock the vehicle
Enable and disable the immobilizer
Spy on drivers and passengers via the car’s microphone
These security flaws may make it easier to cause car crashes or steal vehicles, a safety and security nightmare that neither individual car owners nor organizations with corporate fleets want to deal with.
Third-party apps can also introduce security risks, a startling discovery backed by research conducted by Kaspersky. In this study, the research team tested seven of the most popular apps from well-known brands and found that most of the apps allowed unauthorized users to unlock the vehicle’s doors and disable the alarm systems, and none of the apps were secure.
Man-in-the-middle attacks involve cybercriminals intercepting and possibly altering or preventing communications between two systems. In an industrial IoT setting, this could involve tampering with safety protocols on industrial robots, potentially damaging equipment or injuring workers.
Just like it sounds, device hijacking involves unauthorized parties seizing control of a device. Unlike man-in-the-middle attacks, these types of attacks can be difficult to detect because the device’s basic functionality typically remains unaffected. In industrial and commercial IoT settings, attackers may use a single compromised device to either infect other smart devices on the grid or use the device as a gateway to gain access to more sensitive areas of the network.
DoS, DDoS, & PDoS Attacks
DoS: Denial of service (DoS) attacks are designed to render a device or network resource unavailable (denying service) by temporarily or permanently disrupting services provided by a host machine such as a web server.
DDoS: Distributed denial of service (DDoS) attacks involve flooding the host with incoming traffic from multiple sources (often either a group of attackers or a single attacker controlling a botnet of devices). These types of attacks are incredibly difficult to stop because you will need to block all incoming traffic from all malicious sources, turning your defensive actions into a game of cybersecurity whack-a-mole.
PDoS: Permanent denial of service (PDoS) attacks (also called phlashing) are similar to DoS and DDoS attacks, but the goal is not to cause temporary disruption but instead to damage devices so badly that they need to be replaced or have their hardware reinstalled. An example of this type of attack is the BrickerBot malware, which is coded to exploit hard-coded passwords in IoT devices to cause a permanent denial of service. Attacks like BrickerBot could be used to damage water treatment plants, knock power stations offline, or damage critical factory equipment.
DoS, DDoS, and PDoS attacks can be used to target IoT devices and applications, causing serious disruptions, serious injuries, or permanent damage in both commercial and industrial settings.
Protecting Your Devices (& Yourself) in an Always-Connected World
All of these security concerns may have you tempted to throw out your computer and brush up on your typewriter skills, but there is hope. Here are some steps you can take to manage your IoT device security risks.
Take steps to protect your IoT device security by ensuring all IoT devices are fully under the owner’s control at all times and are not being exploited by unauthorized users to access your network or harness devices for a botnet or other illegal activities. To do this, make sure you have protocols in place to actively monitor all IoT devices and look for signs of tampering.
Safeguard your organization’s data by taking steps to ensure that all data generated by IoT devices is not exposed or altered when stored on devices, transferred around the network, or transmitted to cloud-based services (including cloud networks owned by either the device’s manufacturer or provided by third-party cloud companies).
Take steps to safeguard individuals’ privacy and organizational privacy by putting alerts in place that will notify you if private or sensitive information is being captured or generated by IoT devices. If that data must be collected, make sure you know where that data is going, how it is being stored, and what it is being used for. This will not only help safeguard your organization’s data but, depending on your industry or vertical, may be required by legislation such as GDPR, PCI, or HIPAA.
Are you considering incorporating IoT devices in your workplace? The VirtualArmour team is here to help you assess the risks and create flexible yet robust security protocols to help safeguard your organization, your workers, and your data and develop a cybersecurity incident response program tailored to meet your organization’s unique needs. For more information, or to start updating your security posture, please contact our team today.
WiFi 6 offers a lot of benefits over its predecessors, but uptake remains sluggish. In this article, we will explore the factors in the current technical environment that are slowing the uptake of this revolutionary new approach to WiFi.
The Risk of Being an Early Adopter
WiFi 6 was first announced in 2018 by the WiFi Alliance, making it still relatively new. As such, many organizations aren’t yet ready to make the switch. There also aren’t a whole lot of WiFi 6 clients out there yet, limiting choice and making it more difficult for organizations to find equipment that they know will meet their needs. Though some individuals and organizations pride themselves on being early adopters, most are more inclined to wait until any bugs or potential issues have been addressed before taking the plunge.
Companies in particular, who would need to invest large sums of money upgrading their entire networks to ensure compatibility, risk investing in unreliable equipment that may offer a poor user experience or suffer from incompatibility issues. When you buy and deploy too soon, you might not be able to upgrade without re-purchasing everything again, dramatically increasing deployment costs. While larger enterprise-sized companies may be able to absorb the cost of re-purchasing equipment should they discover a compatibility issue or other problem, SMBs tend to have fairly limited IT budgets, which makes re-purchasing a hard expense to handle.
Not All Devices on the Market Support WiFi 6
WiFi 5 remains the default when it comes to devices, so even if you upgrade your WiFi network, chances are most BYOD employees, customers, and visitors won’t notice the difference. WiFi 5 devices can work on WiFi 6 networks, but because they can’t broadcast in the 6GHz band, they will be limited to WiFi 5 speeds.
Samsung has already announced compatible products, and Intel has begun manufacturing WiFi 6E compatible devices (though they have done so without any fanfare or even a press release or announcement of any kind). However, Apple remains a holdout and has yet to announce a WiFi 6 compatible device. One source speculates that once Apple gets on board, we will see a noticeable increase in interest.
Once more WiFi 6 compatible devices (including smartphones, desktops, laptops, and tablets) begin to emerge, companies and individuals alike may become more inclined to make the switch so they can enjoy all the benefits WiFi 6 offers.
WiFi 5 is Still Going Strong
If it isn’t broken, why fix it? For many organizations, their WiFi 5 network and devices are still in good condition and continue to meet their needs. While upgrading to WiFi 6 will offer some benefits (assuming they invest in WiFi 6 compatible devices as well), many organizations are more inclined to stick with what works than invest in new equipment prematurely.
WiFi 6 Equipment is Still Quite Expensive
Because it is still relatively new, WiFi 6 compatible equipment and devices are still relatively expensive compared to their perfectly functional, tried-and-true WiFi 5 counterparts.
Most organizations can’t risk investing large sums of money in equipment that may present issues (such as the compatibility issues we will discuss later in this article) or be unable to meet their needs and are therefore more likely to upgrade with extreme caution.
Not Every Organization is Ready to Upgrade
Upgrading your entire network, or even just your employees’ work devices, is a large expense. As such, many SMBs need to plan their upgrade cycles carefully and do their best to get the most out of their current equipment before investing in an upgrade. Many WiFi 5 routers and other WiFi 5 devices and equipment are still in excellent condition, so it may not make sense to invest in a whole new network right now when your current solution continues to meet your needs.
Depending on where an organization is in their upgrade cycle, it may be a few years until a new networking solution is needed and everyone is due for new work phones and laptops. And even if organizations are ready to upgrade now, they may opt to stick with what they know and wait to adopt WiFi 6 on their next upgrade cycle once more devices, APs, routers, and other equipment options are available and have a proven track record.
Upgrading Your Whole Network is Inherently Disruptive
Upgrading is also disruptive, impacting productivity while the network is offline and potentially presenting a learning curve as workers familiarize themselves with new devices and equipment. As such, many organizations try to minimize the number of times they upgrade or may time their upgrades for periods of downtime when business is likely to be slow, and the impact of the disruption can be minimized.
Your WiFi Network & Devices are Just One Piece of the Enterprise Network Puzzle
When most companies think of WiFi, they think of the devices that rely on the network and the visible equipment, such as APs, that support them. However, upgrading your WiFi network, laptops, tablets, smartphones, and desktops is only the beginning.
To fully enjoy the benefits WiFi 6 offers, organizations will need to upgrade their entire network infrastructure, which can be costly and highly disruptive. Only upgrading your WiFi can present compatibility issues with the rest of your IT infrastructure, so you will need to conduct a holistic review of your existing IT ecosystem before committing to WiFi 6.
Compatibility issues can wreak havoc on your network, preventing your workers from completing tasks and bringing productivity to a grinding halt. As such, it is critical that you do your research before you commit to upgrading and consider consulting the experts to ensure you’ve covered all your bases.
Over the last year, there has been a lot of chatter surrounding WiFi 6 (also referred to by its IEEE standard name 802.11ax). But what exactly is WiFi 6? In this educational article, we will discuss what makes WiFi 6 different from its predecessors, WiFi 4 and WiFi 5, so you can get the information you need to make informed decisions about upgrading your WiFi network.
This is critical as the number of devices in each home and business continues to rise. The days of a single device per employee and a shared household computer are long gone; according to Statista, the average American household was home to 10.37 connected devices in 2020, and that number is likely only going to continue to increase. Many employees are now equipped with a laptop and a company phone, and with the continued rise of IoT devices in both homes and workplaces, the demand for bandwidth will only increase.
What are the Benefits of WiFi 6?
WiFi 6 offers a wide range of benefits, including:
WiFi 6 promises speeds up to 30% faster than WiFi 5, which means your employees can spend more time working and less time waiting for web pages and internet-based programs to load.
In situations when you are relying on a single router, WiFi 5 and WiFi 6 offer approximately the same range because WiFi range is dictated by the radio frequencies the APs can access (5GHz and 2.4GHz). However, if you switch to a WiFi 6 mesh system, you can increase coverage by placing the APs farther apart and use WiFi 6’s faster speeds to make up for the increased distances. Being able to place APs farther apart can be incredibly beneficial in situations where physical cabling is either inconvenient or impossible to lay.
Though the increased distance between the APs will cause a small decrease in network speed and performance, this decrease is so minuscule you and your team likely won’t notice a difference.
Latency (the amount of time it takes for something to load) remains a large problem for many WiFi users. How fast and reliable your WiFi is depends on a variety of factors, including the signal strength of your connection and how many other devices are on the network. By expanding bandwidth access, your network will now be able to support more devices than before, allowing all WiFi traffic to move faster and increasing network reliability.
WiFi 6 achieves this using OFDMA (Orthogonal Frequency Division Multiple Access), which is an extension of the OFDM (Orthogonal Frequency Division Multiplexing) architecture used by WiFi 4 and WiFi 5. While OFDM relies on a single-queue style system, which requires each device to patiently wait its turn to receive data, OFDMA allows the router to transmit data to more than one device at a time, dramatically reducing or even eliminating the need to queue.
It does this by splitting traffic into smaller packets, so each device can receive a small amount of the data it is waiting for and pass that information on to the end-user while it is waiting for the rest of its packets. This functionality is great for high-traffic environments such as stadiums, conference centers, and large retail environments where employees, visitors, and customers are going to need WiFi access.
Connecting to a WiFi network requires a proportionally significant amount of power, particularly if a device is moving in and out of WiFi range. Wider ranges, and the ability to comfortably support more devices, means that devices will need to expend less energy maintaining a reliable WiFi connection, which means your devices will be able to go for longer between charges.
WiFi 6 accomplishes this using target wake times (TWTs, also called wake time targets), which allow the APs to communicate with devices and let them know how long they will be left waiting between transmissions. By providing devices with this information, the devices can “sleep” between transmissions, only waking up when the device needs to connect again. These short bursts of downtime significantly reduce how much power the battery needs to expend to maintain a WiFi connection, which can extend the battery life of laptops, smartphones, tablets, and other WiFi-connected devices on your network.
Better Throughput & Reduced Congestion
When there are more devices on your WiFi network than the network can comfortably serve, WiFi performance suffers, and some devices may lose connection entirely. Because WiFi 6 uses OFDMA, it has better MIMO (multiple in/multiple out).
Using multiple antennas, each AP is able to talk to several devices simultaneously, while WiFi 5 networks can only respond to one device at a time, creating bottlenecks and slowing down the connection of every device on the network. Being able to respond to multiple devices at once reduces the amount of time each device needs to wait for its turn, increasing speeds for everyone.
Another advantage of WiFi 6 over its predecessors is BSS (basic service set) “colors”. These colors, labeled 0 through 7, are incredibly useful when multiple APs near one another are transmitting on the same channel. Older WiFi deployments typically assigned multiple APs to the same transmission channels (a necessary approach given the limited amount of bandwidth available), causing traffic jams and slowing down everyone’s connections. To make matters worse, devices weren’t able to effectively communicate or negotiate with each other to maximize channel resources, increasing congestion further.
Using the color-coded system, APs can assess signals from each color and determine whether they can use the spectrum at the same time as another device without causing interference by selecting a color that isn’t currently in use.
It’s like a grocery store having seven checkout lanes open instead of one: The old WiFi standards required all shoppers to cram into a single checkout lane, but the shoppers can’t talk to one another, so sometimes two or more shoppers will try to purchase their items at the same time, causing a traffic jam while the cashier sorts everything out. The color-coded system allows each shopper to assess which of the seven checkout lanes has the shortest line (or ideally no line at all) and line up there, improving efficiency and getting everyone out of the store faster.
WiFi 6 offers a wide range of benefits from both a security and usability perspective. Are you considering upgrading to WiFi 6? Our experts have experience with a wide range of technologies, verticals, and industries and work with organizations of all sizes to support their IT and networking needs.
For more information about WiFi 6, or to get started planning your upgrade, please contact our team.
Wi-Fi is getting its first major update in almost 20 years. On April 1 of last year, the FCC announced that they would be opening up more of the broadband internet spectrum to unlicensed traffic.
This is an exciting moment for Wi-Fi users everywhere, but before you start preparing to change over and fill your office with new Wi-Fi 6 devices, let’s discuss what Wi-Fi 6 is, what improvements it brings to the Wi-Fi experience, and when such devices will be available to general users.
What is Wi-Fi 6?
The 6 in Wi-Fi 6 refers to the area of the spectrum the FCC is opening up. Wi-Fi 6 will allow routers to broadcast their signal in the 6GHz frequency of the band, in addition to the 5GHz and 2.4GHz ranges already open to ordinary consumer devices.
This represents the biggest change in Wi-Fi since the FCC first cleared the way for Wi-Fi in 1989. By opening up the 6GHz area of the spectrum, there will now be more space for routers and other devices. This increased bandwidth space will reduce interference and improve the user experience for everyone. Even users without Wi-Fi 6 devices can benefit, as Wi-Fi 6 devices leave the 5GHz and 2.4GHz areas of the spectrum, freeing up more space for older devices.
Faster Wi-Fi At Your Fingertips
Latency, the amount of time it takes for something to load, can be more than just a nuisance; it can also sap productivity and disrupt workflow. Your Wi-Fi connection can be slowed down by a number of factors, including how many devices are trying to connect at once and how strong your signal is. Opening up the spectrum will allow devices to spread out, much like widening a road reduces congestion, allowing all Wi-Fi traffic to move faster and more reliably.
These faster speeds are achieved using OFDMA (Orthogonal Frequency Division Multiple Access), which lets routers split data into smaller packets and transmit information to multiple devices at a time. This is a significant improvement over the older OFDM method that earlier Wi-Fi versions use, which relied on a single queue system that required each device to patiently wait its turn to receive or transmit data to the router.
Increased Device Range
If your workplace is small enough that you only require a single router, you likely won’t notice a huge range difference between Wi-Fi 5 and Wi-Fi 6. However, larger workplaces that require multiple routers (and rely on a mesh system) will be able to take advantage of Wi-Fi 6’s faster speeds to place access points farther apart without sacrificing speed or signal strength. This will make Wi-Fi 6 ideal for workplaces where cabling is difficult or impossible.
More Battery Power
Connecting to Wi-Fi, and staying connected, can quickly drain your device’s battery, particularly if you are moving in and out of range. The increased range of Wi-Fi 6, coupled with its ability to comfortably support more devices at a time, will reduce demand on your device’s battery.
This is achieved using wake time targets (also called target wake times or TWT), which allow the device to “sleep” when it isn’t actively sending or receiving information. Traditional Wi-Fi required devices to stay on and wait for information, slowly draining the battery even when you weren’t actively using your device.
Wi-Fi 6 is a Boon to the Internet of Things
The IoT has revolutionized a lot of the things we do, but without a fast and reliable Wi-Fi connection, these connected smart devices can be incredibly frustrating to use. Wi-Fi 6 is perfectly situated to support IoT devices, since Wi-Fi 6 access points will be able to support more devices, without compromising connection speed or quality, than their 5GHz and 2.4GHz counterparts.
Though many individuals in the tech space are currently focused on how Wi-Fi 6 will benefit larger venues (such as large retail spaces, healthcare facilities, stadiums, and the hospitality industry), the IoT industry stands to benefit significantly. Some technology manufacturers are even already offering Wi-Fi 6 routers and other devices.
There are a few features the Internet of Things is particularly set to benefit from, including:
Speeds of approximately 10Gbps, or even 12 Gbps, over short distances.
The ability to support 4x as many devices per access point.
More efficient data throughput, which is particularly useful for IoT devices and applications that rely on 4K video, Virtual Reality, and Augmented Reality.
Target wake times mean longer battery lives.
The Pace of Change
Though most home internet users and organizations won’t necessarily switch over right away, there are already several Wi-Fi 6 routers, access points, and other devices on the market, including products from big names such as Cisco and Mist.
Updating your current infrastructure to take advantage of Wi-Fi 6 may be a daunting proposition, and before you make any change you will need to make sure your new configuration is both secure and complies with all relevant security standards. Make sure you consult with knowledgeable experts, including your MSSP, to help make your transition as smooth and secure as possible.
Fear is one of the most powerful motivators for action, if not the most powerful. It’s a profoundly primal instinct designed to protect us from harm by searing bad experiences into our memories so that we can avoid them in the future. Spam relies on the instinct of fear to get otherwise rational people to act irrationally. Many data engineers are actually trained on the tactics that scammers use to trick their victims into clicking on malware.
How is Spam Related to Fear?
Spam accounts for 85% of all email sent and received globally on a given day, and refers to any unsolicited and unwanted communication, usually email, that is sent out in bulk. Though most spam aims to sell unproven, ineffective, and possibly dangerous products and services to gullible consumers, a small percentage aims higher.
These spam emails, such as phishing emails or malicious links or attachments, usually utilize fear tactics to gain information related to usernames, passwords, or banking information from unsuspecting readers.
How Does Fear Make Spam Effective?
Fear makes us deeply uncomfortable and can override even our most rational instincts. Scammers and other cybercriminals know this, which is why they play on our fears to manipulate us into doing what they want.
How Spam Sparks Fear
Most of us strive to be good, so when even the most rational among us receive an email saying there was a billing error or that we owe unpaid taxes, our fear response kicks in. The same thing happens when we’re told our computer is infected with malicious software, or that we are suspected of being connected to some illegal activity, and the police are on their way to arrest us unless we “click the following link.”
Even seemingly positive spam emails play on our sense of fear of missing out. After all, if we aren’t willing to help a wealthy Nigerian prince gain access to his vast fortune, he will just ask someone else for help, and we will miss out on the generous reward. This holds true for spam emails selling a “miracle cure” since missing out on a “miracle cure” motivates the fear of poor health down the road.
All of these scenarios spark fear of consequences or fear of missing out, priming us to act.
Spam Positions Itself as the Solution
Once the scammer has frightened us, they swoop in and offer a solution. Often it’s something very simple and straightforward, such as clicking a link, downloading a file, or responding to the email with personal information. After all, it’s in the scammers’ best interest to make it as easy as possible for you to hand over your money or personal information.
Once the action is complete, the reader is compromised, and the scammer has all or most of the information they need to harm the reader, either by stealing money from their accounts or using their credentials for nefarious purposes.
The Anatomy of a Spam Email
The average spam email follows a fairly predictable format. The headline is usually phrased to invoke a sense of urgency and trigger our fear response (such as “Payment Declined – Immediate Update Required” or “Re: Claim Office”, which makes it look like someone is responding to an email you sent them.) The email headline may also be worded to suggest that the reader is the one in the wrong (such as implying that a payment is past due, or that this is a final payment notice).
The Sender’s Address
The sender’s persona typically falls into one of two broad categories: They are pretending to be someone authoritative that you trust (such as an Apple employee who wants to help rectify your payment problem) or someone you know (like a co-worker who needs some information from you).
The Body of the Email
In the body of the email, the message of fear really takes root. The reader is typically told that something has gone wrong (or that a once-in-a-lifetime opportunity has presented itself) and that they need to take action to either fix the problem or reap the rewards. In the above examples, a declined payment will likely require the reader to input their “correct” or “updated” banking information so that the payment can be processed or their reward can be sent, or provide other personal information.
The scammer may even ask you to help them perpetuate the scam by having you respond to them and forward the email to your contacts. This not only gives them access to your bank account or other personal details but also makes their original email seem more legitimate to your friends or co-workers by having it come from someone they trust.
The Goal of Spam
The goal of most spam is to scare us into acting quickly by instilling a sense of urgency and triggering a fear response. This helps ensure that the reader acts before they have rationally considered the email, and asked themselves important questions such as who sent it, why they are sending it, and what risk they take in responding to the email.
How Can I Protect Myself Against Fear-Motivated Spam?
One of the easiest things you can do to help protect yourself from email spam is ensure that you have robust spam filters installed. These filters can prevent the most obvious spam from getting through to you or your employees.
Next, you should always take a close look at the sender. Is this someone you can trust? If you aren’t absolutely sure the sender is trustworthy, then you should reach out to them via a separate communication channel (such as calling your friend or contacting the company’s support line directly) to verify. This is particularly true for unsolicited emails or emails that are formatted so that they appear to be a response to an email sent by you.
Finally, you should evaluate each email carefully. Look for obvious red flags. These include:
Typos in the sender’s address, such as “[email protected]” (note the extra “p” in the domain name). However, DNS spoofing allows scammers to masquerade as legitimate companies, so make sure you look at the whole email address, not just the domain name.
The form of address. Does the sender address you by name, or simply call you “customer” or “friend”?
Embedded links with strange URLs. To assess a URL, hover over the text without clicking so that you can see the actual address. If the link appears suspicious, enter it into your browser directly instead of clicking on the embedded link. Spam emails often include spoofed links that are designed to look like they originate from reputable sources.
Bad spelling, grammatical errors, and typos. This may indicate that the writer has a poor grasp of English, or that the text was translated using a translation app such as Google Translate.
Suspicious attachments. If a suspicious email includes attachments, verify why they are there and what they contain when you contact the sender.
Offers that sound too bad (or too good) to be true. Apple isn’t going to brick your iPhone over a billing error, and even if that Nigerian prince is real, he has no reason to share his vast fortune with you just because you forwarded his chain email to all your friends and family members.
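Several of the red flags above can be checked mechanically against a raw message. The following Python is an added example, not part of the original article; the trusted-domain list, the keyword patterns, and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED = {"support.example"}  # assumption: domains you really do business with
URGENT = re.compile(r"immediate|declined|past due|final (payment )?notice", re.I)
GENERIC = re.compile(r"^\s*(dear|hello|hi)\s+(customer|friend)\b", re.I | re.M)
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def edit_distance(a, b):  # Levenshtein distance; 1 or 2 is a near-miss spelling
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host(text):  # host part of a URL-looking string, '' if it is plain words
    m = re.match(r"(?:https?://)?([\w-]+(?:\.[\w-]+)+)", text.strip(), re.I)
    return m.group(1).lower() if m else ""

def red_flags(raw):
    msg, flags = message_from_string(raw), []
    body = msg.get_payload()
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in TRUSTED and min(edit_distance(domain, t) for t in TRUSTED) <= 2:
        flags.append("lookalike-sender-domain")
    if URGENT.search(msg.get("Subject", "")):
        flags.append("urgent-subject")
    if GENERIC.search(re.sub(r"<[^>]+>", "", body)):
        flags.append("generic-greeting")
    for href, shown in ANCHOR.findall(body):  # what the link shows vs. where it goes
        if host(shown) and host(shown) != host(href):
            flags.append("link-text-mismatch")
    return flags

# Constructed sample messages (not real mail); .example and .invalid are reserved.
SUSPICIOUS = """From: Billing <billing@suppport.example>
Subject: Payment Declined - Immediate Update Required

<p>Dear customer,</p>
<p><a href="http://login.invalid/update">https://support.example/billing</a></p>
"""
CLEAN = """From: Support <help@support.example>
Subject: Your March invoice

<p>Hi Dana, see <a href="https://support.example/inv">support.example/inv</a></p>
"""
```

Calling `red_flags(SUSPICIOUS)` returns all four flags, while `red_flags(CLEAN)` returns an empty list. A filter like this only narrows down what a person should look at; verifying the sender through a separate channel still applies.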
Spam doesn’t look like it is going anywhere soon, so we need to take steps to safeguard ourselves and our businesses from cybercriminals. Learning to identify spam can help, and remember: when in doubt, don’t click.
Though traditionally operational technology and information technology were kept separate, these two worlds are becoming increasingly intertwined, and both forms of technology are becoming more likely to connect to the internet.
What is Operational Technology?
Operational technology (OT) refers to the hardware and software used to change, monitor, or control physical devices, processes, and events within a company or organization. This form of technology is most commonly used in industrial settings, and the devices this technology refers to typically have more autonomy than information technology devices or programs.
Examples of OT include SCADA (Supervisory Control and Data Acquisition), which is used to gather and analyze data in real-time and is often used to monitor or control plant equipment. Industries such as telecommunications, waste control, water control, and oil and gas refining rely heavily on SCADA systems.
Many types of OT rely on devices such as PLCs (Programmable Logic Controllers), which receive information from input devices or sensors, process the data, and perform specific tasks or output specific information based on pre-programmed parameters. PLCs are often used to do things like monitor machine productivity, track operating temperatures, and automatically stop or start processes. They are also often used to trigger alarms if a machine malfunctions.
Access to OT devices is typically restricted to a small pool of highly trained individuals within an organization, and these types of devices may not be updated or changed for months or even years. Since these devices are highly specialized, they rarely run on standardized operating systems (like iOS or Windows) and instead generally require custom software to function.
What is Information Technology?
Information technology (IT) refers to anything related to computer technology, including hardware and software. Your email, for example, falls under the IT umbrella. This form of technology is less common in industrial settings, but often constitutes the technological backbone of most organizations and companies. These devices and programs have little autonomy and are updated frequently.
Access to IT programs and connected devices is typically less restricted than access to OT devices, and many, if not all, employees at a given organization may be granted access.
The main difference between OT and IT devices is that OT devices control the physical world, while IT systems manage data.
What are Industrial Control Systems?
Industrial control systems (ICS) are a type of OT and consist of any systems that are used to monitor or control industrial processes. This could include a mining site’s conveyor belt or an alarm that lets employees know if a piece of equipment is getting dangerously close to overheating.
ICSs are often managed by SCADA systems, which may provide users with a graphical user interface. This interface allows the user to observe the system’s current status, enter system adjustments to manage the process, and observe any alarms that indicate something is wrong.
How to Intermix Operational & Information Technology with Industrial Control Systems
At first glance, IT and OT may not seem compatible. OT systems are isolated and self-contained, designed to run autonomously, and rely on proprietary software. On the other hand, IT systems are connected by nature, have little autonomy, and generally run using readily available operating systems. However, incorporating IT into your OT operations can have many benefits.
IT Can Improve OT Operations
In the past, most OT devices were utterly cut off from not only the internet but even most internal networks, and could only physically be accessed by a select few authorized employees. However, it’s becoming increasingly common for OT systems (including ICSs) to be monitored and controlled using IT systems.
While inputs on many OT devices may have traditionally been limited to a physical panel or keypad where workers entered commands or data by hand, more OT systems and devices are now being controlled and monitored remotely via the internet.
IT can be used to make operating an ICS or other OT device easier. IT can be used, for example, to monitor parts and alert employees when a component is failing, allowing the employees to procure and install the spare part before the damaged part fails. By replacing the damaged part before it fails, employees can not only help ensure that production isn’t disrupted but can also prevent a cascading effect if the damaged part’s failure could lead to more extensive damage. A damaged part may not only cause a machine to fail, but that failure could also have serious consequences for the health or safety of employees working nearby.
IT can also provide employees with real-time reports on the state of the OT device, and allow them to respond and correct system errors in seconds. This means that if an alarm goes off to let employees know that a piece of equipment is malfunctioning, they can either shut down the device remotely (reducing the chances of an industrial accident) or otherwise address the situation right away before it becomes more serious.
Don’t Forget to Secure Your Connected OTs
While IT systems can be a huge boon for ICS and other OT systems, they can also leave OT systems vulnerable to cybersecurity attacks if appropriate precautions aren’t taken. Any time a device is allowed to connect to the internet, or even to a network that can be accessed via the internet, there is a chance that a cybercriminal could gain unauthorized access.
A cyber attack against an OT device could have catastrophic consequences. Not only can specialized equipment be damaged (resulting in costly repairs), but the damaged equipment could pose a health or safety hazard.