by Bharat Mistry
Time flies fast in tech. When Trend Micro was founded nearly 30 years ago, mobile phones were pretty clunky, prohibitively expensive and not in the least bit “smart”. Fast forward to today and the device in your pocket has more compute power than the NASA machines that put man on the moon. Over the years, the annual Mobile World Congress (MWC) show in Barcelona has offered us a fascinating glimpse into the remarkable growth of this industry.
Mobile is now at the very heart of our digital world. It means much more today than smartphones — extending out into the Internet of Things (IoT) to permeate virtually every aspect of our lives. But with this newly connected, digital world come new risks. That’s why Trend Micro CEO Eva Chen was on hand at MWC this year, to explain to the press how her vision for connected intelligence can help build a safer connected world.
A data-driven world
The Internet of Things is all around us. It keeps us entertained at home, more productive at work, happier and healthier. It runs our factories, streamlines business processes and improves service delivery.
In the coming years there will be billions of connected “things” on the planet, according to a number of analysts. What’s more, they are generating a huge amount of data: already enough to fill and stack iPad Air devices two-thirds of the way to the moon. By 2020 there’ll be enough to fill nearly seven stacks to the moon.
Risks are everywhere
But this new connected world in which we live in is increasingly exposed to cyber-threats. We can see it in every sphere:
Smart home: The Mirai botnet compromised connected consumer devices en masse to launch DDoS attacks that brought down large parts of the internet in 2016. Closer to home, everything from baby monitors to connected front door locks could been compromised.
Smart factory: Hackers are also keen to target IoT devices in factories and critical infrastructure facilities. The most famous example to date was the attack on Ukrainian energy providers which cut power for hundreds of thousands of consumers in December 2015 and 2016. Trend Micro research has revealed just how exposed Western cities are to potential attack.
Connected car: Researchers have also demonstrated numerous times how under-protected connected vehicles could be hacked to devastating effect, enabling hackers to remotely control the steering, brakes and engine.
A formula for success
It’s getting harder to protect the explosion in endpoints that is being driven by the IoT. Buggy code, open network ports, poor authentication, undetected file and behaviour changes, and insecure network protocols all add to the challenge. Fortunately, there is a solution. Our formula for success is predicated on three factors: anticipating changes in infrastructure to cloud, IoT and 5G; embracing changes in user behaviour; and protecting against the full gamut of threats.
This won’t be easy. The two historically separate worlds of IT and OT are converging fast in the IoT sphere, exposing organisations and their users to new risks — all of this as the industry struggles to deal with chronic skills shortages. However, we stand a great chance of success if we look at applying security based on shared intelligence at all layers of the IoT stack: the device (home appliance, factory machine or connected car); network; control centre (voice assistant, ICS or cloud controller); and “data analyser” layer in the cloud.
In practice, this means protecting against device vulnerabilities, carrying out network inspection, hardening systems at the control centre layer, and protecting cloud servers. Most importantly, this approach needs to be underpinned by shared intelligence which gathers data from millions of IoT sensors all over the world, analyses it in the cloud and then blacklists and blocks connections from suspicious endpoints. Artificial intelligence also has an important part to play here in spotting the needle in the haystack — suspicious patterns in IoT data which could indicate attacks.
Our world is getting more connected by the day. The only way to keep data safe and key systems up and running is by using the power of shared intelligence and industry-wide partnerships to stay one step ahead of the hackers.