Recent news headlines reported one of the largest DDOS (Distributed Denial of Service) attacks to date. DNS service provider Dyn suffered multiple network outages affecting popular sites including Twitter, Github and Etsy as a result of this attack, of which we know one source of traffic was the Mirai botnet of unprotected IoT (Internet of Things) devices. This week NCSAM asks ‘what’s your apptitude?’ in a world where there’s an app for everything. We talked to Marc, our Europe Technical Support Manager, to get his insights on the Internet of Things and what it means for the future of cyber security.
“There’s no doubt that everything will become ‘connected’. Fridges, watches, cars…but who is thinking about how the Internet of Things is protected? People have concerns over whether it’s physically safe to use a self-driving car; whether the technology will adhere to the speed limit, respond to traffic lights, but few are talking about the security of the operating system.
“Gartner expects that 21 billion devices* (excluding smartphones, tablets and computers) will be connected to the internet by 2020, in a population of 7 billion. So the numbers suggest that the majority of us will be exposed to the security risks that come with an ever-expanding digital world. This is why we must focus our efforts not only on developing new technology in a secure way, but also on safe-guarding the infrastructure that keeps us connected.”
Marc commented that the vast number of mobile apps used to control devices around the home immediately presents an opportunity for the cybercriminals. “We’re often more excited by the novelty of being able to control our lights and heating from our mobile devices than we are educated about the risks.
“End-users must take steps to protect their home networks as IoT becomes a bigger part of our daily routines. In addition, the organizations supplying the technology also have a responsibility to provide a secure experience for their customers. This is where external threat intelligence becomes an essential part of any corporate cyber security strategy and where Blueliv’s customizable solution can enhance your existing network protection. For me, the recent attack emphasizes the need for better awareness and detection of malicious apps. Our Rogue Apps module detects fake apps impersonating your brand, malicious apps being used to commit fraud and any illegal publication of mobile apps. If you can empower your Security Operations team to remove rogue apps more efficiently, not only will you reduce costs to the business, your app users are also better protected and you’ve retained your spot in the app marketplace charts.”