Throughout the pandemic, the growing need for companies to rely on digital infrastructure has given CSOs (Chief Security Officers) plenty of reasons to worry about cybersecurity. The problem is, physical threats like mail threats often go unnoticed, with disastrous results. A physical device hidden in a seemingly innocent package can introduce malicious code into your network. A cyberthreat that comes by way of a physical device is known as a “phygital” threat.
Phygital threats can take a variety of forms. Warshipping is one notable concern for CSOs. Warshipping is a Trojan horse strategy that attacks digital infrastructure through physical devices such as USB drives, Wi-Fi sticks, or miniature computers, rather than only through the internet. These devices can then log into nearby systems to install malware or access sensitive data.
These devices are cheaper than ever. For less than $100, hackers can potentially attach their malware to any system just by sending a package in the mail. The accessible nature of launching a phygital attack means that every company is at risk.
Chief security officers around the world have been paying attention, scrambling to get ahead of this brave new world of cybersecurity. Phygital threats require responses that bridge both physical and digital security. So, let’s get phygital.
Threats on All Sides
Strong cybersecurity measures to protect your network from malicious hackers through the internet are no longer enough. At the start of this year, the FBI put out a warning regarding mail packages that contained USB devices. The USB devices held malicious code disguised as important information, and many unsuspecting employees plugged them in and granted unauthorized access to important systems.
USB drives are far from the most dangerous items that can come through the mail. After all, someone has to plug them in before they can introduce malicious code to the system. The increased usage of physical, internet-enabled technology, such as smart devices, has brought additional complexity to phygital security. Now hackers can potentially use a smart thermometer, a Fitbit, or any other digital device connected to a local network to access sensitive information. Or they could use a Raspberry Pi, a miniature computer that hackers can easily send through the mail to get access to your systems. Unfortunately, many packages mailed to companies sit for days or weeks in mailrooms or on desks, within easy reach of servers and other critical digital infrastructure.
Cybersecurity threats can also come from utility providers. Over the years, several high-profile phygital attacks, including the Natanz Iran attack, have used companies like internet service providers or data storage providers to attack specific targets.
Last year, more than one out of every three businesses got hit with a ransomware attack, where a hacker takes data or a critical system “hostage” and only gives you access once you pay. Two out of three businesses suffered from some kind of breach. Many attacks required multiple companies, government agencies, and other stakeholders to assess the threat, and even more entities were affected by them. The sheer number of attacks and the number of resources needed to address them can become tough for any one CSO to manage.
Responding to Phygital Threats
So what can you do to help protect against phygital threats more effectively? The answer is to strengthen both external and internal security measures.
- External Cybersecurity
External cybersecurity relies on network security and collaboration. Digital infrastructure providers are often vulnerable to attacks that can negatively affect all company systems. Working collaboratively with different stakeholders provides huge benefits that can offset the dangers or help you respond better to vulnerabilities and attacks.
One example of different companies and providers collaborating to provide phygital security is Microsoft’s response to the Necurs botnet. Working with government authorities, private companies, and foreign governments, Microsoft was able to eliminate the botnet and create a structure to deal with similar attacks. That’s no easy task.
One major hurdle to stakeholder coordination and proactive phygital security is the high cost of more effective measures. Without knowing if or when a phygital attack will happen, companies are reluctant to spend on security measures. As this paper from Deloitte explains:
“Profit motives and thin margins in many of these industries often mean there’s little money left for costly investments in cybersecurity. And when accidents do happen, incentives to protect the brand or minimize liability can often lead owners or operators of critical infrastructure to be reluctant to share information about vulnerabilities and incidents.”
Putting aside narrow short-term interests for more proactive security measures will ensure protocols are effective in managing the multiple levels of security threats. With proper buy-in and collaboration, CSOs can create new conversations around security within their community of digital stakeholders. Working with other companies lets you create operational protocols across industries and groups to potentially prevent large-scale attacks.
- Internal Security
Collaboration is a great tool to proactively prepare for any type of cyberattack, but ultimately it’s up to individual companies to provide security for their systems. And one area that’s seriously lacking is mail security.
Many phygital threats are brought into companies by small items sent through the regular mail, like USB drives or Wi-Fi sticks. This warshipping potentially compromises the network.
The onset of hybrid work brings additional nuances to protecting against phygital attacks. Many employees are constantly in and out of offices, often leaving unattended mail. Finding and neutralizing mail threats in all the chaos of the new workplace is nearly impossible without the right tools.
CSOs need to be aware of what potential threats might be sitting on a desk within their companies. You should consider implementing scanning measures for all incoming mail as soon as it’s received. For example, companies can use a 3D mail scanner to check packages for potential threats.
Not all solutions are technology-based. Having security experts on call to assess potential threats is equally important. Does that package hold a harmless birthday gift, or is it a serious threat to your network? Having staff on call to find out will help you respond to potential threats in real time.
The world is only becoming more digitally integrated. Hacker groups will try to take advantage of the huge physical blind spot to access digital infrastructure. The challenge for CSOs is whether they can cover both physical and cyber points of entry. The goal should be to get to the point where the answer is an overwhelming “yes”.