118 views

Why a secure IoT environment matters

By Sanjay Aurora

On the evenings of 22 and 24 October 2016, national telco StarHub's home broadband services unexpectedly were disrupted – an unprecedented occurrence in normally safe, efficient, and connected Singapore.

Subsequent investigations revealed the incidents stemmed from a Distributed Denial-Of-Service (DDoS) attack propagated by hackers. By taking control of connected devices such as routers and webcams, the perpetrators willfully shut down StarHub's broadband servers through an overwhelming spike of internet traffic from the affected devices.

DDoS attacks, while not a new form of cyber threat, have risen to prominence as cyber attackers have used them on large scale to great impact recently. Just weeks before the StarHub disruptions, a similar hack took place on the American East Coast which denied millions access to favourite websites and internet services such as Reddit and Twitter. In an ominous parallel on 28 November, another DDoS attack on Germany's largest telco, Deutsche Telekom, affected around 900,000 customers.

The implications of these attacks on hundreds of thousands of consumers go far beyond the disruption of internet services. Connected devices on networks, or the so-called 'Internet of Things' (IoT), whilst holding vast promise for businesses and consumers, have morphed into two-pronged threats. If devices in homes can be compromised, imagine the implications for businesses, infrastructure, and public institutions.

Highly skilled and well-resourced international advanced persistent threat (APT) groups or nation-state attackers, who have strong interest in obtaining inner network access, will look to take advantage of the growing IoT trend. With Gartner predicting 21 billion connected 'things' by 2020, companies will only become further exposed to attack as they deploy more and more connected devices.

Attacks of this scale have made it more evident than ever that the world is entering a new era of threat, and faith in trusted institutions can come undone at a moment's notice. For instance, power plants in Ukraine were hacked at the start of 2016, causing power outages to 80,000 homes for six hours. The big institutional banks have also bled millions to criminal hacks throughout the year.

In this heightened cyber climate, complete visibility of a network is crucial and organisations can no longer afford to keep the security of internet-connected devices as an afterthought. To prevent connected devices and networks from becoming unwilling accomplices, organisations must be able to detect any unusual behaviors across all their internet environments and across the thousands of daily minor incidents which will be impossible to manually keep tabs on.

There should hence be mounting pressure for companies to make themselves more resilient and adopt 'immune system' technology that uses machine learning and advanced algorithms to detect serious or suspicious threat indicators in real-time amidst the noise of daily activities, instead of relying on legacy tools to secure their IoT environment. Otherwise, there will only be more of these attacks seen as the world continues to embrace the Internet of Things.

Join Singapore Business Review community
Since you're here...

...there are many ways you can work with us to advertise your company and connect to your customers. Our team can help you dight and create an advertising campaign, in print and digital, on this website and in print magazine.

We can also organize a real life or digital event for you and find thought leader speakers as well as industry leaders, who could be your potential partners, to join the event. We also run some awards programmes which give you an opportunity to be recognized for your achievements during the year and you can join this as a participant or a sponsor.

Let us help you drive your business forward with a good partnership!