Is IoT becoming a battle ground for cybersecurity?
Recent research suggests that the number of cyber-attacks targeting UK businesses has increased by more than half, to almost 65,000 internet born assaults per company every three months, with the rise being placed firmly at the door of the internet of things writes Neil Hamilton, VP of Business Development at Thingstream.
That is a staggering figure – that goes a long way to highlight the challenge we face in both preventing and dealing with the outcome of data breaches. The report found that two-thirds of attacks were targeting connected devices such as networked security cameras and building control systems.
There is no doubt that the IoT is becoming a cyber battle ground as it begins to take off, especially within the wireless segment where devices can more readily be accessed. Analyst house Forrester predicted late last year that 2017 is likely to see a major IoT data breach.
It is an unfortunate truth that the more devices we make connected, the greater the number of cyber attacks and security incidents we will see. However the research does highlight the need for a new approach to securing the IoT; one in which loopholes are closed and secure connectivity guaranteed.
Bringing the cloud closer to earth
Critical to the success of IoT connected devices is their ability to communicate with cloud based data platforms. In most traditional solutions, devices communicate between the physical and digital world moving information through a number of gateways. The challenge is how we bridge the ‘air gap’ between an operational technology on the ground and IT systems in the cloud. It is in this gap as data moves through the transmission cycle where DDOS and BOTNET type attacks happen.
The industry requires a technology which either secures this process or works to simplify it and therefore remove access to devices that can be hacked.
Securing the process
Securing existing processes seems like an obvious solution to meeting the challenge rising cyber attacks pose. The thinking behind it: hackers have tried to steal and compromise data so we should seek to make the data secure. The nature of IoT though is that data is required to be flexible and accessible; to see widespread IoT growth, particularly in industrial applications, the industry requires a solution that is affordable and simple to install alongside existing and developing technology.
Under the nose
The solution in my view has been sat underneath the industries nose for almost 20 years in Unstructured Supplementary Service Data (USSD). The core challenge with securing IoT is the internet. Data is not intercepted once it is sat in the cloud, it is the internet that provides access to devices.
USSD is the protocol used by Global System for Mobile Communications (GSM) cellular telephones to communicate with the service provider’s computers. It costs little to access, and only requires a minimal signal. Even more importantly, because it isn’t part of the Internet, it isn’t susceptible to Distributed Denial of Service (DDOS) and the other increasingly common hacking techniques that is causing the IoT to become a security headache for companies.
From a practical perspective as well, access to USSD can be enabled to provide global access rather than having to rely on securing access to data services in different territories.
A more positive future
Worryingly in Industrial IoT, security is seen by business leaders as the biggest obstacle to implementation (according to research by Accenture). Removing security as the core barrier to applications of IoT is crucial to ensuring future growth, evolution in the sector and ultimately a more positive future. IoT has serious potential to transform how entire industries operate, from improving monitoring to simplifying manufacturing processes. The rise of cyber attacks is a challenge that should be best faced by removing the threat through an alternate means for connectivity.
Neil is VP of Business Development at Thingstream, a division of Myriad Group. Neil is a technology evangelist who has been a founding member of a number of successful technology start-ups involved with mobile and commerce technologies. He is passionate about demystifying complex technology and evangelising the business benefits and new revenue opportunities such technology presents.