Post by account_disabled on Sept 14, 2023 11:23:16 GMT
Mahadeva Visaappa, chief architect at technology modernization firm SPR, said digital twins use the same complex set of technologies and configurations that make up the real world. That is, the same complex structure of systems, computing power (usually located in the cloud), networking, and data flow exists in digital twins.
“Every endpoint and cloud platform whichever Phone Number List product you use must be protected,” Visafa said. “We must also protect all data supplied to the digital twin.” Visafa's position is that digital twins further expand the attack surface that hackers can exploit. “Digital twins are just another Internet-connected application, so the same kinds of security issues arise,” he continued.
Kane McGladry, CISO at Hyperproof and senior member of the Institute of Electrical and Electronics Engineers (IEEE), a non-profit professional association, said the increased use of digital twins raises additional concerns. He said that he may not be able to secure it.
a problem of perception
McGladry asked, “Are CISOs aware that digital twins are being used?” and noted that he has seen cases where each business unit implements digital twins on its own without consulting the security department. “It’s difficult to apply effective control measures to something you don’t even know exists,” he continued.
There are also legal and regulatory issues. A key concern is whether digital twin operators can ensure that data used in digital twins is processed in a way that complies with regulatory requirements related to privacy, confidentiality, and geographic location of the data. Data ownership can also be an issue, especially when companies partner with other entities to operate digital twins.
McGladry says some companies are concerned that adding specific or too many security controls will degrade digital twin performance, leaving business and engineering teams using digital twins unable to properly address security and risk considerations. He added that there is.
More new risks emerge
Some believe that more risks will arise due to the nature of digital twins. Jason M. Pittman, a professor in the Department of Cybersecurity and Information Technology at the University of Maryland Global Campus (UMGC), is one of them.
Pittman highlighted the security risks associated with so-called “evil digital twins.” In a recent UMGC blog, Pittman said, “Next year will see the rise of evil digital twins. This malicious virtual software model will be used to power cybercrime activities such as ransomware, phishing, and highly targeted cyber warfare. “The uniqueness provided by evil digital twins will make these attacks much more effective than traditional methods.”
“Hackers can create digital twins of existing personas and insert them into the enterprise environment,” Pittman told CSO. He may subsequently inject malware into the ecosystem while spying on companies and engaging in their activities. “It is another attack vector for hackers, but there are many cases where defenses against this are not in place,” he said.
Distortion of simulation results
Pittman said there are also other new attack scenarios that result from the use of digital twins. For example, if a hacker is able to infiltrate a digital twin environment, he or she could steal data or, depending on his or her motivation, manipulate the data used in the digital twin to intentionally distort simulation results.
Regarding the potential impact of this scenario, Pittman said, “Digital twins are another example of technology being disseminated without thinking about what impact it will have. I'm not saying digital twins are good or bad, people do it all the time. “It won’t be anything close to a disaster, but something serious will happen,” he said.
Pittman is not the only one concerned about the potential for new security threats arising from digital twins. While researching digital twins, Boswell also encountered concerns about the possibility of hostile forces manipulating data within the digital twin. “One of the issues that was raised, although we didn’t look at it specifically in this report,” Boswell added, was concern about a type of attack called data poisoning, which is often mentioned in relation to training data used in machine learning algorithms.
Dainvid Shaw, CEO of cybersecurity company Intuitus, also warned of the inherent risks of digital twins. Shaw, who also co-chairs the FinTech, Security & Reliability, Aerospace, and Defense working groups at the non-profit Digital Twin Consortium, said digital twins have been used in some industries for several years, but as they are used in more technologies, the risks are also increasing. He emphasized that it is increasing.
“Every endpoint and cloud platform whichever Phone Number List product you use must be protected,” Visafa said. “We must also protect all data supplied to the digital twin.” Visafa's position is that digital twins further expand the attack surface that hackers can exploit. “Digital twins are just another Internet-connected application, so the same kinds of security issues arise,” he continued.
Kane McGladry, CISO at Hyperproof and senior member of the Institute of Electrical and Electronics Engineers (IEEE), a non-profit professional association, said the increased use of digital twins raises additional concerns. He said that he may not be able to secure it.
a problem of perception
McGladry asked, “Are CISOs aware that digital twins are being used?” and noted that he has seen cases where each business unit implements digital twins on its own without consulting the security department. “It’s difficult to apply effective control measures to something you don’t even know exists,” he continued.
There are also legal and regulatory issues. A key concern is whether digital twin operators can ensure that data used in digital twins is processed in a way that complies with regulatory requirements related to privacy, confidentiality, and geographic location of the data. Data ownership can also be an issue, especially when companies partner with other entities to operate digital twins.
McGladry says some companies are concerned that adding specific or too many security controls will degrade digital twin performance, leaving business and engineering teams using digital twins unable to properly address security and risk considerations. He added that there is.
More new risks emerge
Some believe that more risks will arise due to the nature of digital twins. Jason M. Pittman, a professor in the Department of Cybersecurity and Information Technology at the University of Maryland Global Campus (UMGC), is one of them.
Pittman highlighted the security risks associated with so-called “evil digital twins.” In a recent UMGC blog, Pittman said, “Next year will see the rise of evil digital twins. This malicious virtual software model will be used to power cybercrime activities such as ransomware, phishing, and highly targeted cyber warfare. “The uniqueness provided by evil digital twins will make these attacks much more effective than traditional methods.”
“Hackers can create digital twins of existing personas and insert them into the enterprise environment,” Pittman told CSO. He may subsequently inject malware into the ecosystem while spying on companies and engaging in their activities. “It is another attack vector for hackers, but there are many cases where defenses against this are not in place,” he said.
Distortion of simulation results
Pittman said there are also other new attack scenarios that result from the use of digital twins. For example, if a hacker is able to infiltrate a digital twin environment, he or she could steal data or, depending on his or her motivation, manipulate the data used in the digital twin to intentionally distort simulation results.
Regarding the potential impact of this scenario, Pittman said, “Digital twins are another example of technology being disseminated without thinking about what impact it will have. I'm not saying digital twins are good or bad, people do it all the time. “It won’t be anything close to a disaster, but something serious will happen,” he said.
Pittman is not the only one concerned about the potential for new security threats arising from digital twins. While researching digital twins, Boswell also encountered concerns about the possibility of hostile forces manipulating data within the digital twin. “One of the issues that was raised, although we didn’t look at it specifically in this report,” Boswell added, was concern about a type of attack called data poisoning, which is often mentioned in relation to training data used in machine learning algorithms.
Dainvid Shaw, CEO of cybersecurity company Intuitus, also warned of the inherent risks of digital twins. Shaw, who also co-chairs the FinTech, Security & Reliability, Aerospace, and Defense working groups at the non-profit Digital Twin Consortium, said digital twins have been used in some industries for several years, but as they are used in more technologies, the risks are also increasing. He emphasized that it is increasing.