Latest from Network Transformation/Edge Compute/IoT/URLLC/Automation/M2M

Getty Images: Jasmin Merdan, Creative # 929238872
Photo 127197310 © Nuttapong Punna |
Dreamstime Xl 127197310
Photo 43625410 © Everythingpossible |
Dreamstime L 43625410
Open Source 022018 1402x672

Securing the IoT’s Future

May 15, 2018
Why Protection Is Paramount — The Internet of Things (IoT) offers a wealth of opportunity for the telecom industry. It presents mobile operators a chance to develop and enhance their […]

Why Protection Is Paramount —

The Internet of Things (IoT) offers a wealth of opportunity for the telecom industry. It presents mobile operators a chance to develop and enhance their consumer offerings and increase market growth. Research suggests the IoT industry will grow from $900 billion in 2014 to $4.3 trillion by 2024.1 We’ve already seen the likes of Vodafone delve into the consumer side of IoT with the launch of its new "V by Vodafone" bundle, whereby consumers are charged for the number of connected devices they add to their monthly plan. However, alongside this raft of growth and opportunity comes the heightened risk of security breaches.

Operators need to be smart with their investment when it comes to IoT. It’s all well and good chasing new sales leads and initiatives, and reaping the rewards, but security needs to be high, if not at the top of their agenda. More than 30 billion connected devices will be in use by 2025, of which cellular IoT — including 2G, 3G, and 4G technologies — is forecast to account for about 7 billion units.2 With the increased number of devices accessing the core network, operators need to ensure they plan for the worst and have prevention measures in place for possible hijackers. The repercussions of such a breach can have serious consequences for both the operator and end user, as any device hijack can be a potential entry point to the network for an attack.

Security attacks can come in all different shapes and sizes. One of the more common breaches is the "man-in-the-middle" concept, whereby a hacker is looking to interrupt and breach communications between 2 separate systems. This attack can have severe consequences as the hacker secretly intercepts and sends messages between 2 parties when they are under the belief that they are communicating directly with each other. Following this, the hacker can trick the recipient into thinking they are still getting a legitimate message.

These attacks can leave both the networks and end users in positions of extreme vulnerability with regards to IoT, due to the nature of the devices being hacked. For example, these devices can be anything from industrial tools, machinery, or transportation to innocuous connected “things” such as smart TVs or connected fridges.

Another common treat posed to IoT networks are Denial of Service (DoS) attacks. There can be a host of reasons for the network being unavailable, but it usually refers to infrastructure that cannot cope due to capacity overload. In a Distributed Denial of Service (DDoS) attack, a large number of systems maliciously attack one target. In comparison to hacking attacks like phishing or brute-force attacks, DDoS doesn’t usually try to steal information or lead to security loss, but the loss of reputation for the affected company can still cost a lot of time and money. Often customers also decide to switch to a competitor, as they fear security issues or simply can’t afford to have an unavailable service.

To tackle these issues, it’s paramount that access to the IoT devices for the applications should be through a controlled and secure environment that first authenticates and authorizes the user/application before allowing access to the core.

The first step for operators is to ensure any connection from the IoT device to the core network over S1 (a Single Interface between LTE RAN and evolved packet core) and Gb (carries the GPRS traffic and signaling between the GSM radio network) interfaces is fully authenticated. In order to do this, they must invest in and revisit the capabilities of their GTP and SCTP protocols, which will handle the hundreds of connections into the core network. Authentication can be delivered by the RFC 4895 for the SCTP protocol without compromising performance or network monitoring visibility like IPsec/VPNs do. This can prove vital as networks are subject to attacks with greater frequency and demonstrated disastrous outcomes.

Alongside a highly reliable SCTP protocol, operators should implement a DTLS module. Such a solution gives operators peace of mind that eavesdropping and network tampering is dealt with, as well as helping detect and fix real-time connection failures, redundancy and fault tolerance for signaling applications, and improved destination and peer path failure. In addition, it can also resolve the issue of bottlenecking in networking due to Diameter signaling, by allowing the Linux host to provide thousands of associations and connections.

It’s clear that the IoT provides a wealth of business and marketing opportunities for operators. But to ensure it’s not a short-lived fad, security must be taken seriously. Attacks on the networks can have detrimental impacts on both the operators, who can have their reputation diminished in seconds if vulnerabilities are publicized, and end users whose devices, and therefore livelihoods, are at risk.

Now is the time for the industry to lay down the foundations and realize the tools and protocols needed to secure the future.

1. Machina Research. The global IoT market opportunity will reach USD4.3 trillion by 2024. April 21, 2015.

2. Machina Research. Global M2M market to grow to 27 billion devices, generating USD1.6 trillion revenue in 2024. June 24, 2015.

About the Author

Robin Kent

Robin Kent is Director of European Operations, Adax. He has more than 30 years of experience in the IT and Telecomms industry. He joined Adax in 1994 to establish the Adax business unit in Europe. He has overseen the company’s successful transition from an OEM technology supplier to a customer-focused provider of high quality, high performance telecommunications products to network equipment providers and VAS companies throughout EMEA and India. For more information, please email [email protected] or visit Follow Adax on Twitter: @AdaxInc