Telcos: when it comes to IoT security, prevention is always better than cure

Ultan Kelly, senior director at Cobham Wireless

Smart devices have arguably made consumers’ lives easier, and as they become more affordable, more of us are investing in the IoT. However, all too often, these smart devices are being manufactured with affordability in mind and security as an afterthought.

As a result, customers are being left increasingly at risk. As the IoT is embraced by the healthcare sector, urban infrastructure and automobile industries alike, the threat of cyber-attacks widens. The implications of these attacks will not only impact the consumer that has invested, but society at large, with wide-ranging economic repercussions as well.

With many manufacturers focusing on profit first, who is left to take care of security? Should the telecommunication providers be taking action?, says Ultan Kelly, senior director at Cobham Wireless.

Cast your mind back to the world’s largest Distributed Denial of Service (DDoS) attack on Dyn in October 2016; driven by MIRAI malware, it targeted connected devices such as CCTV video cameras and digital video recorders, and brought down internet goliaths like Twitter, Spotify and Reddit.

In that time, not much has changed. Just last month, half a million computers went down in Australia in a similar DDoS style infiltration. These types of attacks will only increase, so telecommunication providers must take action to mitigate the threat.

Imagine the impact of security breaches of hospitals reliant on connected medical devices, or a hack on connected electricity grids, leaving towns and cities without access to crucial utilities. Even an attack on a selection of connected cars could be catastrophic. These incidents could jeopardise the safety of society on a vast scale.

If the societal threat doesn’t call the telcos to action, then the threat to their customer’s wallets just might. A recent report revealed that the average cost to a company that suffers a DDoS attack is $2.5 million.

This is a shocking statistic that’s only compounded by the revelation that 86% of the companies surveyed had suffered a DDoS attack within the last 12 months. With this much at stake, it’s clear that hackers will only seek to further exploit service provider and business networks.

The solution is simply a case of planning for the inevitable. Telcos should employ technology that provides a comprehensive recourse for proactively protecting and hardening their systems. This can be achieved by implementing a modern security strategy, which involves stress testing networks by emulating DDoS and malware threats to identify weaknesses which could be targeted by cyber hackers. This will maximise the chances of identifying any potential security holes across their network, because prevention is just as important as defence.

Providers are racing to deploy new connectivity standards for IoT, such as NB-IoT, LoRa or Sigfox, which are all slated to make the IoT yet more seamless and see yet more devices connected to the internet. Unfortunately, in their haste, providers may not be placing security at the top of their list of priorities.

Hackers will likely look for lax security around new modes of connectivity. Therefore vigilance is paramount and operators must be aware that these connectivity networks will be just as vulnerable as current network standards, like LTE or Wi-Fi.

Poorly secured connected devices, designed with affordability in mind, will be ubiquitous in the growing IoT landscape and it is these devices which remain the entry-point for many IoT attacks.

However, with all the threats laid bare and the extent of their consequences clear, it would be inexcusable for the telecommunication providers to shirk their duty to address the threat at network level. If not for the safety of their customers, then at a minimum for the safety of their bank balances.

The author of this blog is Ultan Kelly, senior director at Cobham Wireless

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Yellowfin explores the future of data storytelling and reveals the impact narrative and automation will have on business analytics

Posted on: October 27, 2021

London. 27 October, 2021 – Yellowfin, the analytics vendor that combines action-based dashboards, automated discovery, and powerful data storytelling, launches a white paper exploring ‘The Future of Data Storytelling: how narrative and automation will redefine the next decade of analytics’, offering valuable insight to organisations on the power and potential of future augmented and automated

Read more

Renesas and wolfSSL enable ready-to-use IoT security solutions based on embedded TLS stack

Posted on: October 27, 2021

TOKYO, Japan and EDMONDS. Washington, October 27, 2021 ― Renesas Electronics Corporation, a supplier of advanced semiconductor solutions, and wolfSSL, a provider of embedded security solutions, announced a multi-year licensing agreement whereby customers of Renesas’ 32-bit MCU offerings can obtain a free commercial license for the wolfSSL TLS (Transport Layer Security) stack with integrated Renesas hardware

Read more