2021 has been a busy year for hackers, with data breaches worldwide now costing an average of £3.03 million per incident. One of the reasons for this dramatic increase is the rapid shift to cloud-based activities to accommodate remote working.
Fortunately, AI and automation are thwarting the surge in cybersecurity threats. However, the pace in which digitisation across industries is happening means that there may be weaknesses in your network infrastructure, particularly in cybersecurity practices that focus on physical hardware — including storage devices, printed circuit boards (PCB), and tap access points, to name but a few. Hardware is actually a huge cybersecurity blind spot.
Why is physical hardware the biggest blind spot in cybersecurity?
A major factor that makes physical hardware more vulnerable to cybersecurity threats than software is that hardware programming is ‘uneditable’. This means that because PCB layouts are permanent once they leave the factory, any vulnerabilities found in its hardware can no longer be patched.
Another way that hardware becomes a blind spot is through a company’s use of AI for cybersecurity. The zero-trust model assumes a breach in all scenarios, so factors like encryption are needed to ensure security. However, AI systems constantly require access to large amounts of data, some of which can be accessed on your company’s hardware. A zero-trust model can work well with applications and production-ready AI models, but training AI cybersecurity systems means you’re sacrificing some of your security.
How can businesses protect themselves from hardware breaches?
The first step to avoiding hardware breaches is to secure your hardware because a stolen device can lead to an attack on the company’s network and other connected devices when in the wrong hands. The best thing you can do is keep them in a space where only a select number of trusted employees can enter. You should also install a ‘find my device’ software application on everything so they can be quickly located in case they do get stolen. More importantly, you should source your hardware from trustworthy and credible suppliers.
Another thing you should be careful about is how you dispose of your physical hardware — every device has residual data or configuration information that can be a security threat to your company. Before throwing them away, you should wipe the information rather than just deleting them, as this supposedly deleted data can still be recovered using special software or hardware. If you intend to recycle a device, you can wipe it with data destruction software. But if you’re set on throwing it away, physically destroying it is an option, too.
For threats that involve both hardware and software, you can detect post-exploitation attacks using solutions like EDR (endpoint detection and response). Attacks typically don’t contain signatures, and the best ones can even evade security tools. EDR can give you post exploit visibility, which lets you look for active threats that are currently lurking in your system. This can help your IT team immediately respond before anything is compromised.
Threats to physical hardware aren’t as talked about as threats to software or the cloud. While you should understand the basics, you should also hire a capable IT manager to help you build a team of IT professionals who can address these threats for you.