Kill switches impact almost all industries across the world, as the digital space becomes more interconnected daily.
The WannaCry Ransomware attack affected more than 300,000 computers, initially affecting 150 computers. The attack accounted for the total loss of more than $4 billion. The danger was stopped by a kill switch.
Recently, the solar power grids in the US & Europe were threatened by small rogue communication devices. A fear of colossal damage in the energy sector was unavoidable. The panic was created by a kill switch.
This double-edged sword, or switch, has numerous connotations and understandings. The early misconceptions about it are becoming a reality today. Let’s unravel the mystery and make it more meaningful.
What is a Kill Switch?
Kill Switch is a mechanism primarily used to shut down or disable a system under any threat, and it applies to all types of systems, machineries, devices, programs and protocols. It is an anti-piracy mechanism, and its form and function depend on the industry and business needs.
Evolution of Kill Switches
There are three significant phases in its evolution worldwide.
Physical
In the beginning, at factories and large industries, these switches were made to turn off machines immediately if any worker was in danger.
They developed in different shapes, sizes and forms; however, the function remained the same.
It was similar to ‘pulling-the-plug-out’ to shut down uncontrolled and untoward situations.
Software-based
Thanks to the digital era, these switches were introduced for safeguarding digital assets.
Any program or infrastructure that utilises digital assets needs an extra layer of data security in case of breaches.
The only setback is that it will shut down the entire system even for false alarms.
Sophisticated
Presently, these switches have evolved and reached the culmination point, available in both physical and online versions. They can turn off specific functionality, based on needs, without disrupting everything.
They can also modify specific functions through options like ‘feature flags.’
The advanced options allow systems to take a backup before shutting down the entire operations.
Why is Kill Switch a serious concern? Cybersecurity Perspective
Primarily, experts invented them to safeguard and limit damage. After an attack, kill switches will be a reactive measure to abort any unsecured connection, device, program or protocol vulnerable to further attacks.
However, these switches can be misused if an attacker gets access to them. Along with that, there are other serious concerns.
Kill Switch Attacks & Approaches
There are two approaches that cyber attackers could deploy, which are serious concerns to look into.
Approach 1: Hacking existing switches
After getting access to existing kill switches, cyber attackers can schedule to shut down all operations.
It can affect the particular brand and business; it can also affect the entire industry.
Approach 2: Planting a kill switch
Malicious actors can also develop kill switches, plant them in the digital infrastructure and shut down.
It doesn’t stop with shutting down operations; it can extend to eavesdropping, accessing sensitive information, modifying information and misusing data.
Recent & Recurring Incidents
Not just for breaching and attacking, this mechanism is used prevalently on digital infrastructure for other reasons, too.
China used the Internet kill switch in July 2009 during the Ürümqi riots. They cut off telephone & internet access entirely.
VPNFilter Malware infected 5,00,000 routers with an in-built kill switch and network-attached storage devices worldwide.
International customers found these switches in Chinese solar inverters. In the form of communication devices, rogue apparatuses not mentioned in the product description were placed, and they believed that they could physically damage the entire grid infrastructure.
Aftermath of Kill Switch Attacks
Gains remote access to all critical infrastructure
Leaves all sensitive data exposed
Freezes the transportation facility of a city
Paralyses autonomous drones
Places national sovereignty at risk
Breaks all secure communications networks
Stops internet usage
Bypasses all financial transactions
Affects every human being and organisation with a digital connection
Popular Kill Switches Available
These switches are used in almost all industries, though many of them keep them confidential for security reasons. Some of them are well-known and listed:
Kill Switch in Zerodha (Finance/Trading)
In Bikes (Automobile)
In Cars (Automobile)
For Electricity (Energy)
For Wi-Fi & Internet (Telecommunications)
Kill Switches in the Quantum Era
The existing security in all industries is already getting breached, and the numbers are alarming. With quantum technology already on the horizon, the number will increase from here.
All the cryptographic encryptions will become vulnerable to quantum computers. It will be even easier to plant a fatal switch.
Additionally, the cyber attackers are not waiting for quantum computers. They have already started downloading and storing the data. Once they get access to quantum computers, they will begin to decrypt and misuse the data. The tactic is known as Harvest Now, Decrypt Later (HNDL).
How to stop Kill Switch attacks?
Become quantum-secure. That’s the best future-safe and fully secure option.
Robust security begins with achieving crypto agility, followed by exploring quantum algorithm and security options and equipping with the right quantum security product.
Reverse Kill Switch
At QNu, the world’s no.1 end-to-end quantum cybersecurity provider and category leader, we urge organisations and government bodies to take proactive action. One of our suggestions is to implement role reversals by using quantum security as a kill switch to shut down all cyberattacks, rather than delaying and letting cyberattacks shut down your business continuity.
Contrarian in our approach to cybersecurity, QNu is built in India but for the world.
Explore QNu’s quantum security products and solutions.
Concluding Thoughts
Kill switches don’t crash systems; they crash trust. Be aware of their impact on your business, be agile to comprehend any new technological advancements and be future-safe with quantum-secure solutions.
Their risks can no longer be brushed aside as edge-case anomalies. The next cyber war may not begin with a breach, but with a click. A silent, fatal switch clicked from a continent away!
Let’s ensure that the switch is never in the wrong hands. Every unchecked and unsecured device is an atom bomb waiting to explode. Time is ticking!
