Connect It? Protect It! – CyberSecurity Awareness Month 2020

October is designated National Cybersecurity Awareness Month. This designation is to help raise cybersecurity awareness. The Cybersecurity and Infrastructure Security Agency and the National Cyber Security Alliance have announced this year’s theme:

Do Your Part. #BeCyberSmart.”

Each week in October 2020, a different area of cyber awareness will be emphasized. This week’s emphasis is: ‘If you connect it, protect it.’

It is estimated there are 4.8 billion Internet users worldwide.

These users access computers, IP phones, cell phones, gaming consoles, tablets, etc. These devices connect to other devices such as routers, switches, and servers. There are also Supervisory Control and Data Acquisition (SCADA) systems such as those used on manufacturing assembly lines. An example of a SCADA system is automobiles that are assembled by robots. SCADA systems are connected to company networks. We also have the ‘Internet of Things’ (IoT), which includes refrigerators, thermostats, security cameras, etc. In addition, we have the ‘Internet of Medical Things’ (IoMT), which includes insulin pumps and pacemakers.

The 4.8 billion Internet users are accessing over 31 billion connected devices worldwide. Each of these devices needs to be protected. In some cases, the outcome of improperly protected devices has been devastating.

Threat #1: Hacktivists, Making a Political Point

Water treatment plant attacks have been targeted, where attacks changed the amount of chemicals added to tap water or caused sewage to be spilled into the water supply.

In addition to equipment damage, attackers can cause disruption by putting systems out of service. One way to shut down a computer system is by a Distributed Denial of Service (DDoS). In a DDoS attack, the attacker installs an app on a device that allows the attacker to order the hacked device to send messages to a target device or group of devices. The device with the app installed is known as a bot (short for robot) or a zombie. A group of bots is a botnet. When zombies send enough traffic, the target device is unable to function. There has been a DDoS attack which took out an entire country. In another attack, the Eastern U.S. Internet was put out of service.


Threat #2
Cyber attackers can be more traditional criminals, such as people trying to steal things.

The UK National Health System was shut down due to a ransomware attack. An attacker installs harmful software that encrypts a person’s hard drive. The encrypted hard drive then displays a screen that tells the victim to pay the ransom in order to get the decryption key to decrypt his or her own data. In another case, a hacker used a smart phone to penetrate a Las Vegas casino network through the casino’s fish tank thermostat. The hacker was able to steal the financial data of their big gamblers.

These are only examples, not an exhaustive list. Everything is being connected at an unprecedented rate, to include household appliances, medical devices and industrial automation systems.  We must maintain awareness of all of our connected devices in order to thwart attackers.

The average American has ten connected personal devices. We live in a connected world. These connected devices must be protected. Predators lurk in that world.

Do Your Part. #BeCyberSmart.

Find out more about the BIGGEST threat to your network.