• Email
  • Facebook
  • LinkedIn
  • Twitter
  • Vimeo
Contact Us

Manufacturer's Edge

Transforming Colorado One Company at a Time

  • COVID-19 Resources
    • Main COVID page
    • Product & Services Directory
    • Critical Supply List – Manufacturing Specs
    • Cybersecurity
    • Health and Safety in the Workplace
    • Loans & Financial Resources
    • National/International Resources
    • State Resources
    • Supply Chain
  • About Us
    • Staff and Locations
    • Board of Directors
    • Partners
    • Manufacturing Minutes Newsletter
    • Videos
    • Webinars
    • Success Stories
    • Congressional District Fact Sheets
  • Services
    • Cybersecurity
    • Continuous Improvement
    • Technology Acceleration
    • Supplier Development
    • Sustainable Practices
    • Workforce Development
    • Online Programs
  • Events
  • Small Manufacturer’s AdvantEDGE
  • Manufacturers Connect
You are here: Home / Uncategorized / Simply Cyber (vol 28): Taking a Bite Out of Bots

Simply Cyber (vol 28): Taking a Bite Out of Bots

Like so many things we encounter in life, bots—software code “robots” designed to perform certain tasks automatically—can be good or bad. Chatbots, like those that guide you through voice-activated payment or troubleshooting processes, are programmed to respond to a finite set of human questions. Nothing useful comes of insulting them or asking repeatedly for a real person to talk to unless you hit on the right combination of words. (I’ve tried.) Googlebots crawl websites in spider fashion to scan for content. (I’ve lost many hours to reading obscure tidbits these selfless research “assistants” uncover.)

Malicious bots, however, are not our friends. They may scrape content from legitimate websites so that phishing websites appear authentic enough to fool people looking for information, for example, updates on Covid-19. (The ratio of fraudulent or spoofed websites to legitimate websites is estimated to be 20 to 1.) Computers that have been “turned” (an old spy term for what occurs when a secret agent is compromised and becomes a double agent, thus working at cross-purposes to his or her original mission) can be gathered into botnets (shorthand for “robot networks”). The combined computing power of a botnet can then be used to launch distributed denial of service (DDoS) attacks, disrupt home and office network communications, or other criminal and malicious activity as a commodity service for as little as $5 per hour.

The increased threat from malicious botnets can be attributed to both economies of scale (if $5 per hour is too salty for one’s taste, more economical monthly subscriptions are available) and the exponential increase in the number of prospective “agents” that can be turned: all those interconnected devices that constitute the Internet of Things (also the Industrial Internet of Things—or even the Internet of Everything). An estimated 34 billion devices are connected to the Internet, almost triple the number estimated in 2015.[i] These devices are used in production facilities to control cyber-physical systems, in our homes (refrigerators, TVs, digital assistants, thermostats), in our cities (surveillance cameras, traffic control systems), and in our cars (self-driving features). Consider the potential consequences of Internet-enabled devices being herded together for compromise, command, and control by adversaries. Deeply disturbing.

Initiatives to take a bite out of bots are addressing the challenge along various dimensions. The Council to Secure the Digital Economy released its 2020 International Botnet and IoT Security Guide in late 2019.[ii] The National Institute of Standards and Technology (NIST) published its Foundational Cybersecurity Activities for IoT Device Manufacturers (NISTIR 8259) in May 2020 after a public comment period. The NIST recommendations define baseline cybersecurity capabilities recommended for manufacturer adoption. The National Telecommunications and Information Administration (NTIA) has worked with industry partners to draft guidance on adapting the familiar manufacturing practice of using a bill of materials (BOM) to software development. This latter initiative has resulted in development of a healthcare industry proof of concept[iii] and is proceeding to build in security byte by byte (sorry, I could not resist) by making more transparent the black box that software often appears to be. The NTIA’s progress report released 30 July 2020[iv] mentions 50 different initiatives that are underway through public-private partnerships aimed at taking a bite out of bots.


[i] https://www.businessinsider.com/bi-intelligence-34-billion-connected-devices-2020-2015-11

[ii] https://securingdigitaleconomy.org/wp-content/uploads/2019/11/CSDE_Botnet-Report_2020_FINAL.pdf

[iii] https://www.ntia.doc.gov/files/ntia/publications/healthcare_sbom_proof_of_concept_-_update_2020-04-15.pdf

[iv] https://www.ntia.doc.gov/blog/2020/progress-report-fight-against-botnet-attacks

Consulting

Featured Consulting

Company transformations

Training

Training

Results-driven training

Events

Events

Browse upcoming events

Success Story

Success Story
Improvements and Expansion Helps Propel the “Fairy Godmother of Fire” to New Heights

Tim and Voni Flaherty met while attending law school in Chicago and started a grand adventure that has seen them explore a variety of career opportunities. Having gone from law to banking to general management at Caterpillar, it was while living in San Antonio a few years ago that

Increased Sales
$5M
Retained Sales
$2M
Jobs Saved
16
Jobs Created
27
Read Full Story
Manufacturer's Edge
Manufacturer's Edge
2650 E 40th Ave
Denver, Colorado 80205
info@manufacturersedge.com

Click here to find our staff & locations
Sign Up for Email Updates
For Email Marketing you can trust.

© 2021 · Manufacturer's Edge All Rights Reserved

Phone: 303.592.4087

  • COVID-19 Resources
    ▼
    • Main COVID page
    • Product & Services Directory
    • Critical Supply List – Manufacturing Specs
    • Cybersecurity
    • Health and Safety in the Workplace
    • Loans & Financial Resources
    • National/International Resources
    • State Resources
    • Supply Chain
  • About Us
    ▼
    • Staff and Locations
    • Board of Directors
    • Partners
    • Manufacturing Minutes Newsletter
    • Videos
    • Webinars
    • Success Stories
    • Congressional District Fact Sheets
  • Services
    ▼
    • Cybersecurity
    • Continuous Improvement
    • Technology Acceleration
    • Supplier Development
    • Sustainable Practices
    • Workforce Development
    • Online Programs
  • Events
  • Small Manufacturer’s AdvantEDGE
  • Manufacturers Connect