With 2017 well underway, security professionals are scrambling to understand emerging cyberthreats that will be prevalent in the coming year, and the appropriate mitigation techniques. I’ve found that this is particularly true for communications service providers (CSPs), who have to protect their networks as well as business and consumer subscribers from attacks. While ransomware, data breaches and global hacking events will continue to grab headlines, a major area of focus in the cybersecurity world in 2017 will undoubtedly be internet of things (IoT) devices. Based on recent attacks, these devices seem easy to hack, and can be used to launch global attacks with devastating outcomes.
IoT attacks are used to take down websites around the globe, such as the Dyn attack caused by the Mirai botnet in late October, 2016 that caused outages on websites like the New York Times, Twitter, AirBnB, Netflix, CNN and many more. Many security experts believe that this attack was a test in advance of bigger attacks to come. Since that time, the Mirai botnet code has been released. It seems that the first-ever open source cyberthreat, Mirai and/or its variants, stand to gain widespread momentum in the coming months and cause major disruptions to internet activities around the globe — particularly if appropriate protections aren’t put in place.
Protecting Against IoT Threats
Unfortunately, there is no silver bullet fix for Mirai and other IoT threats. The ideal outcome would be for the devices themselves to have robust security built into them, such that the attacks couldn’t happen. But that’s not the case — and it likely never will be, given how quickly these attacks morph into new variants and the volume of new threats coming onto the scene every day. It’s virtually impossible for the security community to keep up, let alone the device manufacturers who aren’t security experts themselves.
While Mirai and other IoT botnets can’t be completely stopped, one way to weaken their power is to put added security layers in place at the network level — which I believe will be a key focus this year for CSPs. As a veteran in security software and network architecture, I’ve spent many years working with telecom operators to address their network vulnerabilities. I understand their pain points, and have a few suggestions on how they can best protect their networks and subscribers.
Updating The Internet Of Things
IoT devices have been around for a long time. But until recently, they were built on proprietary technologies, which limited their widespread appeal. Now they operate on IP networks, which makes them more accessible — particularly in other countries where the previously closed environments weren’t feasible for the masses. While being built with IP gives them more mainstream appeal, the downside is that IoT devices are also now a prime target for attacks, particularly given their weak password protections.
The switch to being IP-based, however, offers good news. When applied to CSP networks, DNS security is an effective way to fight IoT threats. This is true for any IoT device that connects to the network: refrigerators, cameras, garage door openers, routers, and more. With the number of IoT devices projected to reach 46 billion by 2021, it is critical that CSPs are fully prepared to address these attacks, as their numbers will likely increase in the months and years ahead.