According to foreign statistics, hackers’ attacks on Internet of things (IOT) devices have increased by 300% in the past two years, and this situation will be improved for a long time in the future. Yingruien MCU development engineer said that at this stage, the security design in the embedded development field related to the Internet of things is still very weak, especially when the attackers and attack methods are becoming more and more complex.
Most people are familiar with software attacks and often keep the security software updated. However, now more and more hackers are shifting to hardware attacks. Single chip microcomputer (MCU) and microprocessor (MPU) generally exist in our homes and production equipment. The security design of these chips is generally not very strong.
The data show that in 2018 alone, the shipment of semiconductor chips exceeded 1 trillion, which also means that there are a large number of vulnerabilities, which provides more opportunities for hardware hackers to invade. Compared with the challenges of protecting software, the challenges faced by hardware in many aspects will be broader, more dangerous and more difficult.
Here are two related cases:
(1) Seagate hard disk was found to have two independent Trojans built in in 2007, and malicious software will guide the hard disk to upload its data to the server.
(2) In 2012, a kind of malware called Rakshasa was difficult to find and eliminate.
In addition, some attacks can cause hardware failure by manipulating the environment variables of the system, thereby interrupting the power supply, high temperature sensor or clock signal. The attacker slipped malicious instructions into the processing gap caused by the failure.
The existence of hardware back door is a nightmare for users. Some communication infrastructure components, monitoring, network equipment and more and more industrial control systems are under increasing threat.
Yingruien MCU development engineer said that it is necessary to prevent this situation, such as making reliable circuits and formulating Safety specifications in design, which can reduce the possibility of attack.