AI at Every Computing Layer to Stop Cyberattacks - Industry Today - Leader in Manufacturing & Industry News
 

August 22, 2023 AI at Every Computing Layer to Stop Cyberattacks

How manufacturers can modernize cybersecurity postures with AI automation to defend today’s rapidly expanding attack surface.

By Camellia Chan, CEO and Co-Founder of Flexxon

Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest contract chipmaker has been center stage of the East-West tug-of-war for the supply chain of microchip production and distribution. Ironically, a systems integrator within the company’s own supply chain was responsible for a recent ransomware exposure. The average total cost of a data breach in 2022-23 was $4.45 million and is expected to net out as a $30 billion business for cybercriminals this year. TSMC is currently in a stand-off with criminals over the $70 million ransom demand, one of the highest ever.

CISOs and other security leaders are deploying cutting edge cybersecurity software stacks, rigorous cyber hygiene policies, and zero-trust procedures in a perpetual arms race against cybercriminals. But they should guard against sole reliance on reactive, software-based defenses, which have thus far allowed hackers to continue their activities largely unchecked. New technologies including cloud, AI, connected devices including robotics, and blockchain have jettisoned the complexity of defending against cyberattacks into the stratosphere. Manufacturing should spare no expense to secure their systems, implementing a comprehensive multi-layer approach, a holistic posture that leverages AI and hardware level protections.

Smart manufacturing means defending an expanded attack surface

Criminals have increasingly targeted managed service providers, the software supply chain, and the cloud. The manufacturing industry loves cloud computing for fulfilling their smart factory aspirations, many employing 20, 50, or 100 cloud solutions. But cloud’s virtual machines and various storage containers means a much wider attack surface to defend, numerous identity and admin privileges to manage, and greater potential for misconfigurations and unpatched 3rd party servers. When data is being transmitted from a client to the cloud or between cloud services, it travels over networks, including the internet. Data is most at risk when in transit, so hackers often attempt to intercept data in motion by eavesdropping, packet sniffing, or man-in-the-middle attacks. CISOs should execute regular penetration-testing of applications, use secure coding practices, and use static and dynamic application security testing solutions. Companies should also build their defenses on diversified and multi-layered cybersecurity software stacks that secure each layer of OSI 7-layer model.

Prevent hardware from being a security posture gap

Cybersecurity defenses at the hardware level have long been overlooked, representing the final frontier against data theft
Cybersecurity defenses at the hardware level have long been overlooked, representing the final frontier against data theft

Once cybercriminals breach a manufacturing or industrial company’s systems, the resulting stoppage in business, loss of revenue, regulatory penalties, reputation damage, and even physical injury can be catastrophic. Once cybercriminals have gained access to organizations’ systems or their valuable data, it is too late to remedy the situation. While protecting the application layer down through the network layers is essential to protect data, leaving a gap in the hardware layer renders those efforts deficient. The seventh layer of the OSI model, the hardware, is often referred to as the bottom layer – but that should not imply that this is an unimportant level. Modern cyber threats often are designed to jump from the cloud directly to the machine’s OS, endpoint devices, and the SSD firmware.

CISA noted in a whitepaper that “while nothing can eliminate all cybersecurity risk, the addition of hardware security technology can turn previously vulnerable spots into the strongest points in a network and dramatically reduce an organization’s attack surface.” If we integrate our best defenses by also including the physical computing layer, we can prevent the loss of millions of dollars should encryption protocols fail.

AI vs. AI

Cybercriminals are using AI/ML tools to automate the complex processes required to carry out cyber-attacks, enabling them to do their work more efficiently. Unfortunately, generative AI tools like ChatGPT lower the bar for lower echelon cybercriminals who may not be savvy coders, while also multiplying the productivity of skilled attackers. Generative AI tools give bad actors the capacity to generate human-like responses using generated images, voice recordings, and videos, which can make phishing attacks look more credible, duping people into exposing security vulnerabilities. Forward-thinking CISOs have already moved their organizations towards solutions that remove the human element from the equation, with models like zero trust architecture and deployment of AI-powered cybersecurity tools, and this trend must continue to grow. IBM’s 2021 report indicated, “Organizations with fully deployed security AI and automation experienced breach costs of $2.90 million, compared to $6.71 million at organizations without security AI and automation.” 

Deploying AI to expose criminal behavior

Low-level AI-embedded solutions ensure that hackers will be thwarted upon trying to access the data storage, even if other layers are breached. This enables security leaders to scale down the perimeter where cybercriminals can attack, forcing them to play on their turf in a standoff for the data – no matter from where the attack comes. Low-level AI creates conditions wherein attacks reach a threshold that strips down their “disguise”, revealing their malicious intent. Regardless of the hackers’ layered programming or disguises, when they arrive at the hardware layer, they will be deflected.

With so much on the line and the proliferation of smart manufacturing systems, it’s no surprise that the majority of manufacturers (58%) say they have now elevated the responsibility for cybersecurity leadership to the board level. If they implement more holistic cybersecurity defenses that incorporate hardware and embedded AI solutions into the overall infrastructure, they can stop hackers in their tracks, cornering them in a small, sealed, and fully engineered environment.

camellia chan flexxon
Camellia Chan

Camellia Chan is the CEO and co-founder of Flexxon, a next generation hardware-based cybersecurity solutions provider. Since its inception in 2007, Camellia has grown Flexxon into an international business with a presence in over 50 cities. With Camellia’s passion for innovation and tech for good, Flexxon continues to expand its essential suite of cybersecurity services through its flagship X-PHY brand.

 

Subscribe to Industry Today

Read Our Current Issue

ASME & Discovery Education: STEM Programs Prepare Future Workforce

Most Recent EpisodeASME: Driving STEM Education Initiatives

Listen Now

Patti Jo Rosenthal chats about her role as Manager of K-12 STEM Education Programs at ASME where she drives nationally scaled STEM education initiatives, building pathways that foster equitable access to engineering education assets and fosters curiosity vital to “thinking like an engineer.”