Proceed With Caution When Building Your IIoT Network

A 2015 Accenture report estimated that the Industrial Internet of Things (IIoT) will add $14.2 trillion to the global economy by opening new opportunities. And Cisco estimates IIoT will save an additional $3.9 trillion via efficiency improvements and cost savings.

Obviously, the sooner an industry decides to expand its IIoT ecosystem, the quicker it can enjoy new revenue streams and cost efficiencies. However, jumping on the IIoT bandwagon too quickly and too extensively can lead to problems. In its report about the future of IoT, Gartner describes three red flags that also applies to IIoT:

  • The IoT demands a wide range of new technologies and skills that many organizations have yet to master.
  •  A recurring theme in IoT is the immaturity of technologies and services and of the vendors providing them. Architecting for this immaturity and managing the risk it creates will be a key challenge for organizations exploiting the IoT.
  •  In many technology areas, lack of skills will also pose significant challenges.

One of those significant challenges is thwarting cyberattacks. According to a Kaspersky Lab report, 40% of industrial computers were hacked during the second half of 2016. The Internet was the source of 22% of industrial system infections – more than removable media, email clients, archives, network shares, backup copies and cloud storage combined.

When choosing network architecture, its imperative industry infrastructure and operations (I&O) authorities understand the threats their industries face. Here are four major security risks to consider when implementing IIoT within your ecosystem:

DoS/DDoS. DoS/DDoS performed against IIoT can result in blackouts, loss of revenue and loss of life. A DoS attack can be launched against an IIoT network to deny services performed by its devices. These attacks can also be instrumented from the IIoT network itself when the devices are infected with malware.

Replay attacks. IIoT devices are small with a specific task that they do repetitively. This makes IIoT susceptible to replay attacks and detection of anomalies that can be replayed to cause an event-affecting alarm.

Unauthorized access. The biggest security risk to your network and devices is people. IIoT involves multiple ecosystem partners that include people within your organization and external contractors. Access to the industrial control networks from the enterprise network or the enterprise VPN can easily lead to unauthorized access to the entire network even when access to a specific service is all that is required.

Infiltration/exfiltration of data and malware. Employee devices have a high potential for malware infection through personal interactions with the Internet. These compromised devices come in and out of your enterprise and are connected to the IIoT network, increasing the risk that it will be compromised. Once that happens, hackers have the opportunity to exfiltrate valuable data from your business.

The IIoT learning curve is steep, slippery, and potentially costly. Choosing the wrong network architecture can limit more than its performance or scalability. It can limit your ability to protect your enterprise from cyberthreats.

For more information on how we or one of our carrier partners can help you secure your network and take advantage of all IIoT has to offer, email us at info@dispersivegroup.com or call us at (844) 403-5852.

 

Why The Dallas Siren Hack Should Alarm Every City

As you probably know, last week someone hacked the Dallas emergency weather alarm system. All of the citys 156 sirens wailed for 95 minutes until the system was shut down. The incident spawned hundreds of tweets and memes poking fun at the situation.

However, most of Dallas 1.3 million residents were not amused.

Since the alarms went off shortly before midnight, citizens were literally in the dark about what was going on. Some thought a tornado was about to hit the area, something that had happened only days earlier. Others, learning just hours earlier that the U.S. had bombed Syria, wondered if the U.S. was now under attack.

From 11:30 a.m. Friday and 3 a.m. Saturday, 911 operators were deluged with 4,400 calls nearly twice the normal volume. In one 15-minute period shortly after the first siren blast, a staggering 800 calls were recorded. There is no way to determine how many lives may have been lost due to legitimate emergency calls failing to get through.

This incident should be a wakeup call to every U.S. city. While the Dallas hack involved radio signals, not Internet connections, it still illustrates a critical point. As our cities become smarter thanks to the Internet of Things (IoT), they also become more vulnerable.

The IoT enables street lights to adapt to weather conditions, traffic lights to adjust their patterns to traffic, and video cameras to view and record virtually every inch of a city. Yet IoT devices incorporate sensors and microcontrollers that sorely lack effective encryption and security protocols.

And its not just the fault of IoT devices; the networks that connect them 4G LTE, GSM, WiFi bluetooth, etc. are vulnerable, too. Data can be snatched by attackers and used to invade connected devices. Infrequently updated codes can make telecommunication switches easy prey.

Infrastructure attacks can garner immediate and often fatal results. They can create a ripple effect that overloads other infrastructures. They can demoralize a citizenry and weaken a nation. Its no surprise more and more hostile nations and terrorist groups are creating cyberattack units that target critical infrastructure and industrial secrets.

Dallas Mayor Mike Rawlings is looking at the siren hack as another serious example of the need for us to upgrade and better safeguard our citys technology infrastructure. We hope other cities heed that warning.

Dispersive's solutions can help any city or state even our nation protect its services and critical infrastructure. For more information on how we or one of our carrier partners can benefit you, email us at info@dispersivegroup.com or call us at (844) 403-5852.

 

 

Three Takeaways From The 2017 MWC

Last week we attended the GSMA Mobile World Congress (MWC) in Barcelona. It’s the largest annual exhibition for the telecommunications industry. It’s also Christmas Day for those wanting to see the latest mobile devices.

After days of watching demonstrations, visiting exhibits, listening to presentations and talking to as many vendors as we could, we came away agreeing on three major trends.

1)  The IoT Tsunami Will Continue

Gartner estimates that by 2020, more than 20 billion devices will be connected to the Internet. Sometimes it felt like about half those devices were at the MWC.

Incredible IoT demonstrations were presented by some of the biggest names in the telecommunications industry: AT&T, Intel, Vodafone, Nokia, Ericsson and Telefonica. These included:

  • Connected screwdrivers with built-in sensors that count turns and calculate the number of usages and turns-per-usage
  • Pressure and temperate sensors for utilities that detect natural gas leaks and shut them off
  • Waste bins that report waste levels in real time to improve collection scheduling and cost-efficiency
  • Parking spaces embedded with small sensors that allow drivers to find parking quickly and efficiently
  • Ground sensors that work with satellites to help cities monitor and deal with greenhouse gas emissions and pollution.

In fact, a GSMA survey during the event showed that nearly half the visitors and exhibitors see IoT as the biggest business opportunity of 2017.

2)  5G Will Be A Game-Changer

 For starters, 5G will be 100 times faster than 4G LTE. And if MWC was any indication, it will soon underpin just about every mobile technology, from connected and autonomous vehicles to surveillance drones.

For example, Telefonica and Ericcson are collaborating in 5G research. Visitors to their MWC booths got to see how their efforts are making remote driving a reality. Anyone dropping by could drive a vehicle around a track located about 50 miles from Barcelona, thanks to 4K video streams of the track.

NTT DoCoMo showed how a 5G connection could transmit a virtual reality view from cameras around a factory floor to a VR headset. Industrial robots could also be remotely controlled over 5G.

Just how far away we are from marketable 5G is debatable. Qualcomm expects to have a processor chip ready by 2019 that will connect to 4G and 5G simultaneously for a more powerful signal. Stay tuned.

3)  Enterprises Will Turn to SDN/NFV

As enterprises become more mobile and offices become more remote, tremendous burdens will be placed on their legacy IP-based networks.

Performance will slow. Security vulnerabilities will increase. Employees will grow increasingly frustrated. Customers will seek more forward-thinking competitors.

To prevent this, more companies will turn to a combination of software-defined networking (SDN) and network functions virtualization (NFV).

SDN adds speed, security and reliability to the Internet. NFV accelerates service innovation and provisioning. Together, they give enterprises private network functionality without private network costs.

Whether you’re an enterprise with big network problems or an IoT device developer with big dreams, Dispersive can help. For more information on how we or one of our carrier partners can benefit your situation, email us at info@dispersivegroup.com or call us at (844) 403-5852.

Our Deflects Eliminate The Defects Of Legacy Internet Networks

When discussing our Dispersive Virtualized Network, we often refer to a deflect. Its not a term common to networking, but its a concept that has revolutionized networking. 

A deflect is a cloud-hosted server that allows us to create a virtual network overlay to the Internet. The deflect’s influence on routing maximizes security, performance, and reliability.

Here’s how.

Legacy networks use a single path to connect clients to servers. Each server must have an open port to accept these connections. Data traffic between source and destination is secured through IPSEC tunnels that utilize a single encrypted path.

Our deflect opens the door to a virtual network overlay with a security-first approach. A Dispersive VN routes your session-layer traffic over multiple, independent paths across the Internet. Each path has a unique, negotiated encryption key. Paths change periodically with a new key for each path.

These deflects enable Dispersive VNs to strengthen your network perimeter. This software- defined perimeter moves the attack surface away from your valuable enterprise network to these no-value targets in the cloud.

Our network’s ability to transfer data across many paths leads to quantifiable and measurable performance gains. Carrier partners have measured 3x boosts in performance over their own global networks.

By using strategically placed deflects in the cloud, you can take advantage of multiple links and landing cables around the globe. Deflects empower routing to move away from congestion and “lossy” links. The resultant performance gains can help you save money through a more effective use of “paid for” network bandwidth.

The deflect is a powerful addition to the networking suite. With a Dispersive VN, you can now transport mission-critical data reliably and securely across the Internet.

Maybe it’s time you started using the Internet the way it was intended. For more information on how Dispersive or one of our carrier partners can make that happen, email us at info@dispersivegroup.com or call us at (844) 403-5852.

Five Cybersecurity Predictions For 2017

January is the time for predictions. And while we can't tell you what stocks to buy this year or which team will win the Super Bowl, we can offer some cybersecurity forecasts.

Prediction 1: Ransomware attacks will skyrocket as victims continue to pay up.

A criminal breaches your company's network and encrypts its files or locks its machines. To regain access, you must pay a ransom, usually by bitcoin transferred to an email address.

It's called a ransomware attack. And from April 2015 to March 2016, more than 718,000 of them were recorded. Don't be surprised if that number tops one million this year.

Why? Because it's highly profitable for cybercriminals. Two-thirds of targeted companies pay up rather than call law enforcement, contact a security expert, or revert to backup systems (if they have them).

Actually, calling law enforcement probably won't do any good. The FBI's official stance is not to tell companies what to do. However, the agency doesn't discourage coughing up the bitcoin. "The ransomware is that good," explained Joseph Bonavolonta, assistant special agent in charge of the cyber and counterintelligence program in the FBI's Boston office. "To be honest, we often advise people to just pay the ransom."

This kind of thinking may explain the trend of companies now stockpiling bitcoins, anticipating a ransomware attack.

Prediction 2: A major hospital will violate HIPPA regulations by using an unsecured smart medical device.

The healthcare industry currently loses $5.6 billion each year to data breaches. The explosion of IoT devices within healthcare threatens to dwarf that figure.

These devices provide a number of healthcare benefits. They enable more effective monitoring, therapeutic stratification, and more targeted interventions. This cuts healthcare costs and improves patient outcomes.

However, IoT devices also provide plenty of targets for hackers. According to an HP study, 70 percent of current IoT devices are vulnerable to an attack.

There are many reasons for this. Manufacturers often are not aware of the specific healthcare cybersecurity needs. Subsequently, they do not incorporate necessary safeguards. Hospitals are slow to replace vulnerable hardware and devices with less risky options. And IoT device users often never change default usernames and passwords, making it easy for attackers to use the devices as botnets.

Unsecured devices could lead to more than HIPPA violations or data thefts. These devices control or monitor tens of thousands of insulin pumps, pacemakers and other medical equipment. It's not hard to imagine a terrorist someday choosing to take a life rather than data.

Prediction 3: As cybercriminals migrate from the black market to the stock market, new targets will emerge.

Hackers follow the money. When medical files began bringing up to 10 times more money on the black market than credit card numbers, healthcare hacks exploded.

These days, sophisticated cybercriminals realize the real money isn't volume-driven black market sales. It's in ransomware attacks and an endeavor once thought available only to Wall Street wizards.

Insider trading.

Always the ultimate outsiders, cybercriminals are now becoming "insiders" through securities fraud. Here are a few examples:

  • Chinese traders allegedly hacked into the computer systems of seven U.S. law firms that handle mergers. They used the data for insider trading that generated more than $4 million.
  • Ukrainian hackers infiltrated three business newswires and made off with about 150,000 yet-to-be-published press releases containing financial information. They used this information to make trades that allegedly generated nearly $30 million.
  • A former Expedia IT expert stole passwords and infiltrated devices of the company's CFO and head of investor relations. He then made a series of trades that scored him $331,000.

Until recently, law firms and public relations companies never viewed themselves as hacker targets. Today, they are. As cybercriminals look for new information sources to mine, public companies and their vendors should be very wary in 2017.

Prediction 4: Cyberterrorists will create a major U.S. power outage.

In 2014, systems of 17 energy companies were cyber-penetrated. Attackers stole data and gained private network access.

In December 2015, cyberterrorists took down a Ukraine power grid. Dozens of substations were disabled, leaving nearly a quarter of a million residents in the dark for about six hours. It was the first confirmed hack to take down a power grid.

Last month, a high-voltage substation in the Ukrainian capital of Kiev turned off suspiciously, knocking out electricity to the northern half of the city. And in the U.S., malicious software supposedly linked to the Russian group that hacked the Democratic National Committee was found on a computer at Burlington Electric in Vermont. Fortunately, the laptop was not connected to the grid.

Our power grid is in the crosshairs. Those crosshairs may belong to Russia, China, Iran or a combination of countries. It's only a matter of time before we're attacked. Unfortunately, given the geopolitical climate, we think that time might be this year.

Prediction 5: Security will be the #1 driver of cloud storage strategies.

When the cloud was introduced, security wasn't a selling point. Now it's a sticking point.

"What's happening now is that those companies [IBM, Google, Amazon and Microsoft] never built their clouds with security as one of the number one or even number two requirements," explained Chris Schueler, SVP of MSSP Trustwave. "It was speed, availability and expansion. That was the three criteria everybody built their clouds on."

This year thousands of companies large and small will adopt public infrastructure-as-a-service (IaaS) platforms – also known as cloud-based services – like Amazon AWS and Microsoft Azure. As a result, they will become faster, more efficient and more competitive.

They will also become more vulnerable to hackers. Just ask Home Depot, iCloud, Sony, the IRS, Target...well, you get the picture. Opinions as to why the cloud is susceptible to cyberattacks vary, e.g., complacent or uninformed employees, ill-prepared vendors, legacy networks, etc. What isn't debated is that they are susceptible.

"In 2017, I expect to see attackers increasingly leverage public IaaS both as a potential attack surface and as a powerful platform to build their malware and attack networks," warned Watchguard CTO Corey Nachreiner. "There'll be at least one headline-generating cyberattack either targeting or launched from a public IaaS service."

Let's hope that headline-grabber isn't you.

----------

At Dispersive, we may not be experts at predicting the future, but we're great at helping you prepare for it.

Our software-defined networks can change the way you use the Internet. They feature everything from advanced encryption to microsegmentation techniques. We can divide your network by device, user and service to block unauthorized users. We can even ensure your protected devices are "invisible" and unresponsive to anyone who is not an authorized participant.

We welcome the chance to talk with you about all this. Email us at info@dispersivegroup.com or call us at 1-844-403-5852.