491,361 active members
9,938 visitors online
Register for free
Login Register
WIBU-SYSTEMS Blog

Software Security on the Defensive

November 2018
06
Author: Wibu-Systems
Company: WIBU-SYSTEMS AG
Software Security on the Defensive

In the past few years, high profile cyberattacks to key Infrastructure have raised serious security concerns around the globe. These are just a few of the more prominent attacks:

  • Massive power outages in the Ukraine, resulting from a supervisory control and data acquisition (SCADA) cyberattack, left more than 200,000 people without power for several hours
  •  Hackers (thought to be Iranian) took control of a dam in Rye Brook, New York when they succeeded in accessing the core command-and-control-system, one of the first reported attacks to infrastructure by another nation
  • Hackers from North Korea attacked the Swift Global messaging system, used by banks to move trillions of dollars each day, resulting in a cyberheist of millions of dollars
  • Cyberattacks on a number of nuclear power plants across the U.S. and Europe emphasized concerns that malicious actors could weaponize critical infrastructure against the host country

Now, recent reports in the U.S. indicate that military weapons and security systems offer the same attack surface and exhibit many of the same vulnerabilities found in key infrastructure.

The U.S. Pentagon reported in 2016 that a communications system designed to pass secure messages between the U.S. Army’s portable radios and cellular networks around the globe was found to have more than 1,000 cybervulnerabilities, half of which had “a high potential of giving system access to an intruder.”

Furthermore, a recently concluded report from the U.S. Government Accountability Office (GAO) concluded that “nearly all” of the weapons systems in the Pentagon’s $1.7 trillion dollar purchasing pipeline have glaring cybersecurity holes, and that doesn’t include the vulnerabilities that may exist with older weapons systems that are still in operation.

Today, defense companies, are not only forced to prevent unfriendly governments from reverse engineering advanced technology and stealing Intellectual Property, but are required to protect against threats from attacks that could take human lives. As is the case in most cyberattacks, weak password management and software vulnerabilities are the most frequent causes that enable malicious actors to gain access to the system or the network and execute the exploits that were unimaginable just a few years ago, but clearly a danger today.

Security-minded companies like Wibu-Systems continue to advance software protection technology to adapt and stay ahead of ever-emerging threats. For example, our CodeMeter technology enables users to replace weak password-enabled mechanisms with cryptographic login technology using private keys and certificates that are stored in an ultra-secure dongle. We also strongly encourage our developer customers to continuously check for software vulnerabilities using available tools just as we do with our CodeMeter solution to mitigate the risks of introducing potential vulnerabilities into the software during development.

Sophisticated encryption technology, anti-debugging and reverse engineering mechanisms, secure boot protections, authentication protocols and other sophisticated techniques can all be applied to deploy the necessary levels of software security for military and any other application. These advanced protection and security technologies are proven and deployable today.

Blog Archiv

November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
October 2016
September 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016