Could an innocent device like a STB, webcam or home thermostat be used by hackers to attack you? In the current world of the Internet of Things (IoT), the answer is Yes! Leading to the name Internet of Threats. But operators have the power to change this.
IoT promises connected convenience at consumer’s fingertips. From adjusting your home heating when you land back at the airport, to checking your home security remotely if the alarm goes off while you’re out. Consumers depend on their operator to be the trusted party and remove any privacy or security implications.
No doubt – there are risks
Gartner forecasts that IoT will witness a 30-fold increase growing to 26 billion units by 2020. Any device connected to the Internet containing an operating system can be comprised; providing a backdoor for cybercrime. And as the number of points of entry grow, so too does the opportunity for hackers to access our information.
With IoT, not only are there more backdoors to be exploited, some of them are not even locked! Lots of people don’t change the default credentials. All IoT devices are profiled and come with known admin IDs and passwords which are available online. There are even search engines, such as Shodan, making it easier to discover exposed online devices for would be hackers.
It all starts with security
IoT devices collect, transmit, store and often share a lot of consumer information. And most of them need to connect to a central server in some form; managed by operators. Consumers are therefore putting a lot of trust in that operator to keep their information secure or not misuse it.
Whether the operator is offering IoT services, such as home automation, directly to its consumers or is the enabler who provides the underlying infrastructure, the common denominator is a need for a security solution. It is the mechanism to minimize risk and introduce new services securely.
Trust is a differentiator
One of the attributes which sets operators apart from new competition is the trust they’ve established with their consumers. In the world of IoT, trust is even more important. Consumers are exposing more of their lives. And to protect consumers in this environment, the secret is to be able to combine state of the art technology with proactive services.
The technology must be able to respond to devices, be able to lock them down, monitor traffic and device behaviour. It needs to be able to isolate the home security elements from other internet components making sure that weaknesses are identified. The services provide expertise to help understand where vulnerabilities fall in the overall IoT framework. And if an attack does happen, the services team assists to identify, investigate and provide support in prosecutions.
Such a complete solution allows operators to be the trusted brand and to add value to their end users.
For more similar content, please visit the Irdeto Perspective Blog.
About the Author
Andrew Wajs, CTO Irdeto