The physical risks of Connected Storage

Apr 30, 2018

The convergence between physical and digital security is a trend that the InfoSec community has been aware of for quite some time now, and with the rise of the Internet of Things, the line between physical and digital risks has never been more blurred. We know that if a driverless car were hacked, the risks would include theft, hijacking, injury or even death. If the remote connection of a power plant were taken over, threat actors could unleash a deliberate outage, or even a nuclear meltdown. In all of these examples, the risks have physical implications.

Connected Storage and the Internet of Things 

To a certain extent, any digital breach could entail physical consequences. However, IoT makes physical risk more tangible because it forms a bridge between the two worlds. In some cases it provides an entry point (via the Internet) for threat actors to impact our physical world. With Connected Storage, however, the risk does not come from providing a connection point; it comes from the nature of the data stored on it, which could be exploited to plan physical attacks.

Connected Storage and convergence 

When we talk about Connected Storage, we have in mind the devices that make information centrally accessible to a given network of people. Specifically, it takes several forms: cloud storage, personal NAS drives, and databases. This is the part of IoT that involves storing data, and as data-leak detection experts, this is the area of IoT that interests us.

In addition to the traditional settings of data leaks, such as the Deep and Dark webs, CybelAngel is also scanning Connected Storage. We do this because we know that these devices are often badly protected, and because threat actors are exploiting them. We have found sensitive documents (scientific formulas, NDAs, PII) on unprotected Connected Storage. In some cases we have also witnessed such documents being traded on the Dark Web, covered in articles by investigative journalists, or used to plan cyber attacks. In other cases we have found highly sensitive documents, such as airport or bank blueprints, open and accessible via Connected Storage. It doesn’t take much imagination to deduce the physical risks - robberies, hijackings, attacks - that this sort of information could facilitate. 

Forget Connected Storage at your own risk 

As we continue to look to the digital world to enhance the way we do business, the lines between the physical and digital worlds will become increasingly blurred. The security industry is no exception to this trend: a data leak can easily enable a physical breach (and by the same token a physical breach could enable a cyber attack). As we start to shift towards a more centralized approach, we cannot forget the risks - both physical and digital - of Connected Storage. This is a risk that doesn't fit neatly into either a physical security strategy or an information security strategy. It runs the risk of flying under the radar, and yet, if you ask us, it fully deserves to be included in both.