A backdoor is a malware type which can surpass the normal authentication process for accessing any system or application. Some backdoors are legitimate and assist, for instance, manufacturers to regain lost passwords. However, these backdoors can be used by attackers in a computer system, network or software application to remotely access the systems without anyone on the system knowing it.
Hardware backdoors are backdoors in hardware, such as code inside hardware or firmware of computer chips. The backdoors may be directly implemented as hardware Trojans in the integrated circuit.
Back door" in technology products refers to arrangement with government or with any third party to share customers' data in an unauthorised manner with mala fide intention.
Hardware backdoors are intended to undermine security in smartcards and other cryptoprocessors unless investment is made in anti-backdoor design methods. They have also been considered for car hacking.
India's digital economy is likely to hit USD 1 trillion in next 4-5 years. Ericsson, 5G mobile services are expected to create an over USD 27 billion business opportunity for India by 2026, while Huawei has estimated India to be the largest 5G market after China in the coming 10 years.
It is the high time for the Hardware backdoors are considered highly problematic because:
* They can’t be removed by conventional means such as antivirus software
* They can circumvent other types of security such as disk encryption
* They can be injected at manufacturing time where the user has no degree of control
In the world of cybersecurity, a backdoor refers to any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access (root access) on a computer system, network, or software application. Once they're in, cybercriminals can use a backdoor to steal personal and financial data, install additional malware, and hijack devices.
But backdoors aren't just for bad guys. Backdoors can also be installed by software or hardware makers as a deliberate means of gaining access to their technology after the fact. Backdoors of the non-criminal variety are useful for helping customers who are hopelessly locked out of their devices or for troubleshooting and resolving software issues.
Unlike other cyberthreats that make themselves known to the user (looking at you ransomware), backdoors are known for being discreet. Backdoors exist for a select group of people in the know to gain easy access to a system or application.
Most of the hardware and Software OEMs keep the backdoor including CISCO , Juniper, Huawei , Microsoft and Hikvision etc.
What can hackers do with a backdoor?
Hackers can use a backdoor to install all manner of malware on your computer.
* Spyware is a type of malware that, once deployed on your system, collects information about you, the sites you visit on the Internet, the things you download, the files you open, usernames, passwords, and anything else of value. A lesser form of spyware called keyloggers specifically track every keystroke and click you make. Companies may use spyware/keyloggers as a legitimate and legal, means of monitoring employees at work.
* Ransomware is a type of malware designed to encrypt your files and lock down your computer. In order to get back those precious photos, documents, etc. (or whatever file type the attackers choose to target) you have to pay the attackers via some form of cryptocurrency, usually Bitcoin.
* Use your computer in a DDoS attack. Using the backdoor to get super user access on your system, cybercriminals can take command of your computer remotely, enlisting it in a network of hacked computers, aka a botnet. With this zombie computer botnet, criminals can then overwhelm a website or network with traffic from the botnet in what's known as a distributed denial of service attack (DDoS). The flood of traffic prevents the website or network from responding to legitimate requests, effectively taking the site out of service.
* Cryptojacking malware is designed to use your system's resources to mine cryptocurrency. In short, every time someone exchanges cryptocurrency the transaction is recorded on an encrypted virtual ledger known as the blockchain. Cryptomining is the process of validating these online transactions in exchange for more cryptocurrency and it takes an enormous amount of computing power. Instead of buying the expensive hardware required for cryptomining, criminals have found that they can simply enlist hacked computers in a botnet that works the same as expensive cryptomining farms.
Experts, felt that Back door in technology products refers to arrangement with government or with any third party to share customers' data in an unauthorised manner with mala fide intention.
The question that arises from these incidents is whether these backdoors were created accidentally or actually by intruders? However, Botnets are huge networks of enslaved devices and can be used to perform distributed denial-of-service attack (DDoS attack), send malicious packets of data to a device, and remotely execute code.
It is the need of the hour for the Government of India to ask for the sign 'no back door' agreement. We must encourage the OEMs (original equipment manufacturers) also to sign this kind of agreement with the government and telecom operators.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.