How Telecom Providers Can Prevent IoT Attacks


Connected homes are the fastest-growing area for IoT. CSPs have launched high-speed broadband connections so that customers can leverage connected services and content. However, from a security standpoint, connected homes are highly vulnerable to cyberattacks. Dr. Yael Villa, SVP of cyber security, Allot, explains how CSPs need to be proactive and play a critical role in mitigating cyberattacks on IoT devices.

Attacks against internet of things (IoT) devices are trending upward, so much so that unsecured IoT devices are being viewed as a threat vector that puts everyone at risk. Devices too often lack adequate built-in security and depend upon owners to perform manual setup to configure them properly. Communication service providers (CSPs), including telecom and internet providers, are in a unique position to mitigate attacks by managing IoT installations and maintenance when customers and vendors lack the time, resources, and patience to do it themselves.

CSPs play an uncredited and under-utilized role in securing IoT devices and can provide the requisite management for end-users. SMEs (small and medium-sized enterprises) and homeowners have long-standing relationships with CSPs and trust in their brand. Those factors, along with pre-built services, make it possible for IoT security services to be delivered at scale and almost in real-time as irregular behaviors are monitored and analyzed. SMEs and homeowners don’t have that capacity.


Provision and Manage Devices at Scale

It takes more effort to install IoT products one by one, let alone manage those devices. Anybody who has ordered a whole-home Wi-Fi mesh system knows that CSPs have the infrastructure and processes in place to provision many devices at once. That capability is vital in IoT products which often are installed in groups of devices and must be managed accordingly. Some device makers focus on security, but the onus is always on the end-user.

Provisioning broadly also provides a convenience to SMEs who may desire to outsource those installations, and it strengthens the ability of hardware makers to sell and market their products using the channel (for sales and marketing). Scale is essential to provide IoT devices to the mass market and reduce costs. Those savings can be passed on to the customer, and the market power of CSPs is an incentive for independent hardware vendors to focus on security.

Easy installations are just the beginning of the improved IoT experience that CSPs can deliver by being security-minded and providing ongoing device management throughout the product lifecycle, as well as advocating for better quality update mechanisms and software quality from device makers. Management means security, and security is part of the product. Products have many stakeholders from the manufacturer, through the CSP, and onto the consumers.


The Network Has Your Back

However, secure by design remains an ideal but non-existent concept, and any CSP focused on IoT connectivity needs to account for the growing concern of cybersecurity surrounding those devices. A provider cannot restrict which devices customers purchase nor mandate security specifications for all products. The legal and punitive systems that have directed product quality and defects in the past haven’t translated well to the IoT era. For example, passwordless devices are still being sold, and others incorporate ‘features’ intended to simplify installation by automatically identifying other products while remaining ill-prepared for a bad actor who may abuse that functionality. Poor quality software is too often built into logic boards (which may or may not be upgradable) that cybercriminals will leverage at some point.

The question becomes: which entity is best positioned to handle this challenge? Product vulnerabilities remain an inherent threat, and CSPs play a central role in mitigating them. On-site monitoring, through routers, reduces the risk of IoT vulnerabilities being exploited at the source, which would otherwise cascade from user networks to the web at large. An example of this was when the Mirai malware struck DNS providers and made large portions of the internet inaccessible throughout the East Coast of the United States. It disrupted the entire U.S. economy, but a smart router could have detected and mitigated Mirai before it metastasized into a national crisis. As this example illustrates, network monitoring in a no-installation manner through the CSP network can play a crucial role in IoT security at large. It’s unrealistic to expect SMEs and homeowners to do this because they’re not positioned to manage security at scale.

Monitoring and Mitigation

Monitoring from the router itself plays a key role and is a technical control that SMEs generally do not implement. Running a full security operations center (SOC) costs millions of dollars and requires a level of talent and coordination that isn’t possible outside of global enterprises. CSPs provide an economical solution via security-enhanced routers that deliver another layer of defense while controlling costs. Instead of a SOC, intelligence on device communication and traffic can be surfaced from a router directly into an accessible self-care portal that flags suspicious IoT behavior and provides options to control what happens when incidents occur.

That includes quarantining infected devices from the network and blocking access to command-and-control servers, effectively stopping a potential new botnet from forming. CSPs also must keep track of and profile the behavior of misbehaving devices, paying close attention to anomalies. This way, problems can be remedied remotely to prevent attacks from propagating to other devices, not just for a single customer but for everybody.
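The router-side logic described above can be sketched as follows. This is an added example, not Allot's or any CSP's product code; the flow-record layout, device names, blocklist entry, and fan-out threshold are assumptions, and all sample data is constructed.

```python
from collections import defaultdict

# Constructed sample data: documentation-range IPs and made-up device names.
C2_BLOCKLIST = {"203.0.113.66"}   # hypothetical threat-intelligence feed entry
FANOUT_LIMIT = 20                 # assumed threshold: distinct peers per port


def make_sample_flows():
    """Constructed (device, dst_ip, dst_port) records as a router might log them."""
    flows = [("thermostat", "198.51.100.10", 443)] * 5   # routine cloud check-ins
    flows += [("doorbell", "198.51.100.20", 443),
              ("doorbell", "203.0.113.66", 8080)]        # one blocklisted peer
    # The camera talks to many distinct hosts on a single port: scan-like fan-out.
    flows += [("camera", f"192.0.2.{i}", 23) for i in range(1, 41)]
    return flows


def evaluate(flows, blocklist=C2_BLOCKLIST, fanout_limit=FANOUT_LIMIT):
    """Return (quarantine, blocked): devices to isolate and destinations to drop."""
    peers = defaultdict(set)   # (device, port) -> distinct destination IPs
    quarantine = {}            # device -> first reason it was flagged
    blocked = set()
    for device, dst, port in flows:
        if dst in blocklist:
            # Known command-and-control address: drop it and isolate the device.
            blocked.add(dst)
            quarantine.setdefault(device, f"contacted blocklisted host {dst}")
        peers[(device, port)].add(dst)
    for (device, port), dsts in peers.items():
        # Behavioral anomaly: far more distinct peers than a normal device needs.
        if len(dsts) > fanout_limit:
            quarantine.setdefault(
                device, f"{len(dsts)} distinct peers on port {port}")
    return quarantine, blocked


if __name__ == "__main__":
    flagged, dropped = evaluate(make_sample_flows())
    for device, reason in sorted(flagged.items()):
        print(f"QUARANTINE {device}: {reason}")
    print("BLOCK", sorted(dropped))
```

The `quarantine` mapping is what a self-care portal would surface to the customer, while `blocked` feeds the router's drop rules.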

CSPs are already on the watch. There was recently a 273% increase in downloader blocks on the CSP side since the appearance of the Flubot Android banker Trojan, according to a Q1 threat intelligence report by Allot on their European customers. The blocks were triggered by Flubot C&C connection attempts, which providers effectively mitigated. That action protected customers from losing sensitive data such as financial information and passwords. As evidenced by Flubot, it is vital to not only detect these incidents but to identify exactly when they occur.

CSPs are equipping themselves with specialized network-based software solutions with monitoring capabilities, in addition to an overall view of traffic passing through their networks. A CSP’s security solution can analyze and compare device behavior with other customers using its network. It becomes an effective means of collecting threat intelligence and crowdsourcing those insights, which can then trickle down through the security products that the CSPs provide customers.


Rethinking the Security Relationship with CSPs

The threat landscape dictates that we all do more and that CSPs play a role in addressing the problem of piecemeal IoT security. IT admins and security analysts shouldn’t overlook CSPs as a potential partner to manage monitoring and security value-adds fundamental to a safe and secure ecosystem of connected devices. There are efficiency and consolidation benefits from having a partner with massive provisioning infrastructure, and experience scaling installations. There’s an immediate need to be more proactive about IoT security, beginning with selecting vendors and CSPs who are mindful of security and its significance for customers.
