Delivering connectivity securely – why a new approach is required to secure IoT

Neil Hamilton of Thingstream

Industrial device makers have in recent years continually looked to connect to the cloud in order to perform tasks such as predictive maintenance, streamlining processes and improving performance of systems.

However, from a customer perspective, the cloud has continually been treated with concern and suspicion; seen as insecure and too great a risk for some sectors. According to research by Accenture, security challenges are the biggest obstacle to industrial digitalisation via Internet of Things (IoT) devices.

The openness of data, and a myriad of breaches and viruses such as Stuxnet have all done little to quell fears. Cyber security news continues to dominate much of the technology and national media. Analyst house Forrester predicted that 2017 will see a large scale IoT breach, says Neil Hamilton, VP of Business Development at Thingstream.

The report titled Predictions 2017: Security and Skills Will Temper Growth of IoT, highlighted smart meters as a potential issue area stating: “When smart thermostats alone exceed one million devices, it’s not hard to imagine a vulnerability that can easily exceed the scale of other common web vulnerabilities such as Heartbleed, especially if multiple IoT solutions include the same open source component.”

Smart devices for the home have faced high levels of scrutiny, particularly in the UK following warnings that all homes with a smart meter are liable to denial of service attacks – potentially crippling the country’s energy networks. As a result, IoT is arguably still fighting the ‘unsecure’ label pinned on it.

A new framework to deliver secure IoT is therefore essential. We need to look at both how we discuss security and how we actually go about preventing breaches.

The high levels of coverage and potentially damaging results of such breaches has helped to make ‘cyber’ into a negatively perceived term. The moment someone questions the cyber security credentials of a product, panic ensues. Equally when someone else says they can ‘fix’ cyber security issues, claims are heavily scrutinised by penetration testers from around the globe.

If progress is going to be made, we need to shift this stigma whilst introducing a better more secure means for connectivity. Part of this challenge is in complexity; for example, a core application of Industrial IoT is predictive maintenance. In order to predict if a mobile diesel generator is going to break down it must communicate its’ status over the internet.

A company running the service will need to ask an IT department to build a solution, or hire a supplier. The device then needs to be connected, requiring the involvement of a network operator or provider. The multiple layers that are currently involved in connecting a device can make it more likely to be intercepted, whether that is by DDOS or BOTNET attacks.

Simpler connectivity could therefore reduce the threat and likelihood of breaches. The common view is that the cloud is the problem, however it is in fact the transmission to the cloud where the majority of breaches happen and information is stolen.

Solutions to date have seeked to prevent breaches by wrapping existing communication means with security technology. In the home for example, consumers can purchase network access solutions that restrict who and what can access devices.

The problem these pose in industrial environments is firstly that they can be hacked and secondly they add complexity. What is required is a means of connection that doesn’t require heavy security products. As a result, a connection that moves directly between device and server, that does not allow for interception is the ideal happy medium.

A potential solution could be USSD (Unstructured Supplementary Service Data). The technology present in all mobile GSM networks can be leveraged to provide unprecedented security as there is effectively no ‘internet’ involved or access points within data transmissions. It is therefore impervious to internet related security threats such as Botnet, DDOS and more recently WannaCry.

Delivering connectivity securely is of critical importance to IoT growth and future evolution. We need to work to make IoT safe and highlight this point. IoT has the potential to transform how businesses, consumers and physical things interact, but this won’t happen unless we as an industry meet the security challenge head on. In short, we must adopt safe and secure technologies and make sure to talk about why these make IoT safe; without mentioning cyber.

The author of this blog is Neil Hamilton, VP of Business Development at Thingstream

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more