By Nick Itta, EfficientIP’s Vice President of Sales, APAC
The single biggest global economic shift of our times is the expanding impact of digital transformations. Nowhere is this more evident than in the Asia Pacific (APAC). From disruptive new startups to domestic policy programs like Thailand 4.0 and Indonesia 4.0, countries in Asia are investing big in a future built on the digital economy. The latest trend to emerge from this transformation is the rise of Internet of Things (IoT)-based gadgets, where ordinary appliances such as lights, thermostats and refrigerators are turned into “smart” devices. Consumers are increasingly able to control their environments, from switching on lights to buying groceries, through their data-connected smartphones.
The proliferation of IoT devices highlights just how versatile smartphones have become. As data connections become faster and more efficient (5G), manufacturers will continue to churn out new IoT devices. Indeed, a report by Gartner predicts that by 2020, over 20 billion IoT devices will go online, compared to a billion PCs.
While the convenience of IoT devices is undeniable, their risks get less exposure. A key vulnerability of IoT devices is that they are unsecured and must be connected to a data network. Although this seems benign, the potential threat is that these IoT devices offer an access route to other devices (PCs, tablets and/or desktops) or databases connected within those networks. Cybercriminals can exploit the lack of security on the IoT device as an entry point to the Domain Name System (DNS) and, from there, hack into other devices or databases, typically through DDoS attacks on the network.
Currently, the lack of cybersecurity developers and software focused on providing safeguards for IoT devices makes them one of the most attractive entry points in a data network. The risks and potential impacts become more serious when we look at the bigger picture, especially how IoT vulnerabilities can impact critical infrastructure networks.
Across the APAC region, we have seen the disastrous effects of critical infrastructure cybersecurity incidents. In the recent hacking of the Singapore SingHealth database, cybercriminals obtained sensitive personal health information, including that of the Singapore Prime Minister, Lee Hsien Loong, and 1.5 million others through a vulnerability in the organization’s cybersecurity software. While most of the damage to Singapore was reputational, the incident illustrates the potential fallout associated with critical infrastructure vulnerabilities. One could easily imagine a scenario where Industrial Control Systems and Data Acquisition systems could be hacked via an unsecured IoT device.
Fortunately, there is an emerging regional consensus in ASEAN on the need to enact stronger cybersecurity measures, particularly on data protection. Following in the footsteps of Singapore and the Philippines, both Vietnam and Thailand have recently passed cybersecurity legislation, with Vietnam’s coming into force this year and Thailand’s just passing the national legislature this month. However, many international observers have highlighted that the language in both laws tends to be more focused on data access, rather than on incentivizing the adoption of stringent cybersecurity safeguards.
Despite these vulnerabilities, there are things organizations can do to improve their DNS’s resilience against IoT-based attacks and botnets (networks of infected computers), including:
- Enhance Threat Intelligence on DNS: Threat intelligence is the knowledge of a threat’s capabilities, resources, motives and goals. Obtaining this threat intelligence enables companies to carry out decisive action to better defend their network-based assets. Threat intelligence can be obtained from both internal (detailed assessments of local network traffic patterns and activities) and external sources (threat intelligence feeds, structured data reports and unstructured reports). When combined, these sources serve as the foundation for proper detection, mitigation and resolution of DNS-based intrusions.
- Implement Appropriate Security Tools: As a follow-on step, deploying appropriate solutions once threats have been identified is critical to ensuring threats are contained. Existing anti-virus, web proxy filtering and firewalls are good tools, but have limitations. Newer tools are emerging that allow organizations to utilize domain and DNS-based threat intelligence solutions to generate a wealth of information about potential malicious domains and IP addresses in a cost-effective way. An example:
- Proxies/Web Filtering: Some IoT devices do not support proxy configurations, which prevents organizations from controlling network requests coming in and going out and exposes IoT devices as an entry point for malicious purposes. To resolve this, organizations need to install specialized DNS security protections. These enforce both the security levels that proxies already provide and the security levels that proxies do not provide, so all pieces of the network security ecosystem are protected.
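The combination of internal and external DNS threat intelligence described in the list above can be sketched as follows. This is an added example, not code from the article or from EfficientIP; the log format, device names, feed entries and baseline domains are all constructed for illustration.

```python
from collections import defaultdict

# Constructed external feed: domains reported as malicious (placeholder names).
EXTERNAL_FEED = {"c2.example.net", "update-check.example.org"}

# Constructed internal baseline: domains each IoT device normally resolves.
BASELINE = {
    "thermostat-01": {"api.vendor-a.example"},
    "camera-07": {"cloud.vendor-b.example", "ntp.vendor-b.example"},
}

# Constructed resolver log, assumed format: "<epoch> <device> <queried name>"
SAMPLE_LOG = """\
1700000000 thermostat-01 api.vendor-a.example
1700000005 camera-07 cloud.vendor-b.example
1700000009 camera-07 x9f2.c2.example.net.
1700000012 thermostat-01 Telemetry.Unknown.example
1700000020 camera-07 NTP.vendor-b.example
malformed line
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are consistent."""
    return name.strip().lower().rstrip(".")

def in_feed(name, feed):
    """True if the name or any parent domain is listed (covers random subdomains)."""
    labels = name.split(".")
    return any(".".join(labels[i:]) in feed for i in range(len(labels)))

def triage(log_text, feed=EXTERNAL_FEED, baseline=BASELINE):
    """Return {device: [(verdict, name), ...]} for queries that need attention."""
    findings = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not match the assumed format
        _, device, raw = parts
        name = normalize(raw)
        if in_feed(name, feed):
            findings[device].append(("block", name))   # external intelligence hit
        elif name not in baseline.get(device, set()):
            findings[device].append(("review", name))  # deviates from internal baseline
    return dict(findings)

if __name__ == "__main__":
    for device, hits in triage(SAMPLE_LOG).items():
        print(device, hits)
```

Because the check runs on resolver logs rather than on the device, it also covers IoT devices that cannot be pointed at a proxy.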
As APAC countries continue to digitize, emerging conversations about cybersecurity and protecting critical infrastructure from attacks couldn’t have come at a better time. Moving forward, it is important we do more to include IoT devices and their associated risks in these conversations. With a greater focus on IoT vulnerabilities, we hope to see more solutions and developers focused on IoT safeguards.
Nick Itta is EfficientIP’s Vice President of Sales, APAC. He is an experienced and highly accomplished sales director, specializing in providing innovative software solutions for more than 15 years.