July 23, 2020, will be especially remembered by our CTO Grega Preseren, who is an avid cyclist and a loyal user of Garmin smart devices. Each training session ends with data synchronization from a smart device (clock, counter) to the Garmin cloud, followed by an enthusiastic review of the training analysis generated by the smart Garmin application. Unfortunately, this time it didn’t work out. Garmin Connect services did not work (and still don’t). The blackmail virus, which also stopped the mobile and web apps for all Garmin users around the world, made our smart devices “stupid.” Most smart features are available exclusively through a web or mobile application. All of Garmin’s smart devices have suddenly become useless and will remain so until the problem with the extortion virus at Garmin is resolved.
As digitalization will soon move everything in the cloud, we can only wonder what the consequences would be if another, more important services were hacked this way. In the age of smart homes, autonomous vehicles, smart factories, and all the other “smart” stuff, cybersecurity must be one of the most important components of the entire service.
What can cloud service providers do today to prevent such inconveniences from happening tomorrow?
Cyber environments are a “living organism”. There are changes every day that can affect security posture, whether it’s a brand new IT device, new functionality in an app, a newly published vulnerability, or simply a whole new idea of a creatively thinking hacker.
In order to be one step ahead of hackers, it is necessary to establish a system for continuous validation of security controls. Constant checking of security mechanisms is the least that providers of such services can do today to make their services secure and available to everyone at all times.