Sharing is Caring, but is it Safe?
Prakash Sadagopan, Director, Field Systems
Engineering, APAC, F5 Networks
Engineering, APAC, F5 Networks
The boom of
mobile applications—whether it is for ride sharing or couch surfing—has
superseded traditional services and revolutionized convenience, as we know it.
This is especially prevalent in Asia Pacific, home to over half of the world’s
mobile subscribers. Asia is also leading the charge in mobile app revenue, with
the figure expected to increase to US$57.5 billion by 2020.[1]
mobile applications—whether it is for ride sharing or couch surfing—has
superseded traditional services and revolutionized convenience, as we know it.
This is especially prevalent in Asia Pacific, home to over half of the world’s
mobile subscribers. Asia is also leading the charge in mobile app revenue, with
the figure expected to increase to US$57.5 billion by 2020.[1]
Replacing traditional with unconventional
A dynamic
playground for mobile apps, the sharing economy has nestled itself into almost
every corner in the region—and it makes no differentiation, be it an emerging
market such as Indonesia, or an established economy such as our Singapore.
playground for mobile apps, the sharing economy has nestled itself into almost
every corner in the region—and it makes no differentiation, be it an emerging
market such as Indonesia, or an established economy such as our Singapore.
In Indonesia,
home care portal Seekmi connects
individuals to professional services at the touch of a button. With a platform
of over 250,000 listings and a fleet of 5,000 service vendors, Seekmi provides a wide array of
on-demand services including photography and plumbing. Last year, it raised
multi-million funding and made plans to expand its services across more cities.[2]
home care portal Seekmi connects
individuals to professional services at the touch of a button. With a platform
of over 250,000 listings and a fleet of 5,000 service vendors, Seekmi provides a wide array of
on-demand services including photography and plumbing. Last year, it raised
multi-million funding and made plans to expand its services across more cities.[2]
In Singapore, we
regularly see Uber Eats riders on their oBikes/Mobikes, completing their trips
and delivering an assortment of food to their customers. These riders have no
stake in any of the businesses—from the restaurants, or their mode of
transport—but provide an ever so popular service. Today’s sharing economy has
evolved to a point where jobs can be created, and completed, all just by owning
a single app.
regularly see Uber Eats riders on their oBikes/Mobikes, completing their trips
and delivering an assortment of food to their customers. These riders have no
stake in any of the businesses—from the restaurants, or their mode of
transport—but provide an ever so popular service. Today’s sharing economy has
evolved to a point where jobs can be created, and completed, all just by owning
a single app.
The underlying danger of DDoS
These success
stories are a testament to the prowess of the sharing economy, which is quickly
gaining traction across the region due to the speed and convenience it
delivers. However, our increasing reliance on apps might also lead to our
downfall. Consumers willingly offer personal information to shave off precious
minutes of waiting. This is great, until they realize that the sharing economy
also means an entire ecosystem of authenticated devices and data that are
interconnected—a treasure trove for cybercriminals.
stories are a testament to the prowess of the sharing economy, which is quickly
gaining traction across the region due to the speed and convenience it
delivers. However, our increasing reliance on apps might also lead to our
downfall. Consumers willingly offer personal information to shave off precious
minutes of waiting. This is great, until they realize that the sharing economy
also means an entire ecosystem of authenticated devices and data that are
interconnected—a treasure trove for cybercriminals.
DDoS attacks
caught the world’s attention with the Mirai botnet, which crippled the Internet
and brought down sites such as Amazon, Github, PayPal, Reddit and Twitter.[3] If
DDoS can easily take out large websites, one can only imagine the havoc it will
cause if and when apps such as Uber, Obike and Seekmi—apps that many depend on
daily—are suddenly made unavailable.
caught the world’s attention with the Mirai botnet, which crippled the Internet
and brought down sites such as Amazon, Github, PayPal, Reddit and Twitter.[3] If
DDoS can easily take out large websites, one can only imagine the havoc it will
cause if and when apps such as Uber, Obike and Seekmi—apps that many depend on
daily—are suddenly made unavailable.
Our dilemma:
safety or convenience?
safety or convenience?
Connectivity is a
double-edge sword today as it enables the level of convenience in our lives yet
provides cybercriminals the platform for exploitation. The benefits the sharing
economy bring to improving one’s standards of living are endless.
double-edge sword today as it enables the level of convenience in our lives yet
provides cybercriminals the platform for exploitation. The benefits the sharing
economy bring to improving one’s standards of living are endless.
However, sharing
economy apps achieve this intelligence by uploading customers’ personal
information such as gender, age, interests and even credit card details to the
cloud for data analysis and service improvements.
economy apps achieve this intelligence by uploading customers’ personal
information such as gender, age, interests and even credit card details to the
cloud for data analysis and service improvements.
So what happens
when enterprises face the unexpected wrath of a DDoS attack? Enterprises lose revenue in reduced
web traffic and have to bear the high costs of remediation process. More
severely, customers who once trusted enterprises would view the organizations
as unreliable. In our information overload age, it only takes one website crash
to send customers running to another vendor.
when enterprises face the unexpected wrath of a DDoS attack? Enterprises lose revenue in reduced
web traffic and have to bear the high costs of remediation process. More
severely, customers who once trusted enterprises would view the organizations
as unreliable. In our information overload age, it only takes one website crash
to send customers running to another vendor.
The key to keeping safe
Convenience
is the biggest motivator in an increasingly impatient world. It is worrying
that users of sharing apps surrender their credit card information and password
information too readily. Now more than ever, businesses need to strengthen
their stance against DDoS. It may seem to be a daunting task; however, a
practical first step could be to cultivate a culture of awareness.
is the biggest motivator in an increasingly impatient world. It is worrying
that users of sharing apps surrender their credit card information and password
information too readily. Now more than ever, businesses need to strengthen
their stance against DDoS. It may seem to be a daunting task; however, a
practical first step could be to cultivate a culture of awareness.
Cybersecurity is
slowly but surely becoming a priority for many organizations, especially in the
wake of recent events, including oBike’s as well as AXA’s data breach. Yet, IT continues
to struggle to gain a foothold in boardroom discussions and drive the point
that proactive cybersecurity strategy is a necessary investment.
slowly but surely becoming a priority for many organizations, especially in the
wake of recent events, including oBike’s as well as AXA’s data breach. Yet, IT continues
to struggle to gain a foothold in boardroom discussions and drive the point
that proactive cybersecurity strategy is a necessary investment.
Given
the option between building on an existing security framework and investing in
business ventures, it is almost a no brainer for executives to choose the
latter. Ponemon Report on
APAC app security finds that only 17 percent of IT security budget is dedicated
to app security[4].
The only real change enterprises have to make is recognizing that they have to
carry great losses that extend beyond monetary means during a security breach,
and that at any time, a breach could happen.
the option between building on an existing security framework and investing in
business ventures, it is almost a no brainer for executives to choose the
latter. Ponemon Report on
APAC app security finds that only 17 percent of IT security budget is dedicated
to app security[4].
The only real change enterprises have to make is recognizing that they have to
carry great losses that extend beyond monetary means during a security breach,
and that at any time, a breach could happen.
With
the right mindset comes the right steps to security. Enterprises should bear in
mind that security monitoring and observations are imperative. From
prioritizing what needs protection to ensuring your IT program timely and
effectively identifies security breaches, every step counts towards a safer
future for a business.
the right mindset comes the right steps to security. Enterprises should bear in
mind that security monitoring and observations are imperative. From
prioritizing what needs protection to ensuring your IT program timely and
effectively identifies security breaches, every step counts towards a safer
future for a business.
Enterprises
should also carry out active measures to protect both end users and businesses,
starting from digital hygiene practices. This can range from passwords renewals
every six months to conducting regular patching exercises. Deploying web
application firewalls (WAF) also protect web applications and application
program interfaces against a variety of attacks, notably including injection
attacks and application-layer denial of service.
should also carry out active measures to protect both end users and businesses,
starting from digital hygiene practices. This can range from passwords renewals
every six months to conducting regular patching exercises. Deploying web
application firewalls (WAF) also protect web applications and application
program interfaces against a variety of attacks, notably including injection
attacks and application-layer denial of service.
Lastly,
enterprises should adopt a cybersecurity infrastructure that creates on-going
conversations across all business units and functions. This will ensure a
varied and multifaceted opinion in identifying the critical vulnerabilities in
security and building towards a more robust secure strategy in an enterprise.
Simple yet effective, these measures could save you a trip to the emergency
room and help keep sharing safe.
enterprises should adopt a cybersecurity infrastructure that creates on-going
conversations across all business units and functions. This will ensure a
varied and multifaceted opinion in identifying the critical vulnerabilities in
security and building towards a more robust secure strategy in an enterprise.
Simple yet effective, these measures could save you a trip to the emergency
room and help keep sharing safe.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!