Service Providers urged to bolster defences against evolving IoT threats

Unpacking Bitcoin security
Martin Walshaw, Senior Engineer at F5 Networks

Martin Walshaw, Senior Engineer at F5 Networks.
Martin Walshaw, Senior Engineer at F5 Networks.

Application security company F5 Network encouraged EMEA service providers to step up their defences against large-scale Internet of Things (IoT) hijacks.

The call to arms comes in the wake of the recent Mirai botnet, which infected hundreds of thousands of IoT devices, including security cameras, to launch an unprecedented 620+ Gbps DDoS attack.

“Few expected DVRs or connected cameras become weapons. Looking ahead, the fix has to come from the network and, more precisely, service provider networks as they host these devices and are closer to the source of the attacks,” said Martin Walshaw, senior engineer at F5 Networks, speaking ahead of this month’s Mobile World Congress in Barcelona.

“IoT devices are very attractive from a DDoS perspective as they don’t require additional expenses, social engineering attacks, email infection campaigns, exploit kits or fresh zero-days. They also tend to have poor security standards.”

The importance of IoT-ready security solutions is set to take centre stage at this year’s MWC as the proliferation, power and influence of connected devices continues to grow exponentially.

IDC predicts that the IoT market will grow to $1.29 trillion at a CAGR of 15.6% by 20201, a year by which Frost & Sullivan estimates that people will own 5.1 connected devices2.

IoT is also forcing itself to the top of the strategic agenda in boardrooms worldwide. A recent report3 by the Internet of Things Institute noted that 65% of 1,000 surveyed global business executives agreed that organisations leveraging the IoT will have a significant advantage.

The shift is dramatic and will put significant strain on service provider networks, particularly as the challenge of harnessing and optimising 5G networks comes into play.

“The industry simply needs better weapons against attacks,” said Walshaw. “Processing power is key, and we need more intelligent ways of dealing with threats. SSL offloading helps to prevent evasion through encryption whereas behavioural analysis enables us to detect new attacks, automate the generation of signatures and share these with the broader community, locally or globally.”

Indicative of the surge in IoT activity, F5 is witnessing a strong global uptick in demand for security and optimisation services in the service provider sector.

“The landscape for service providers is shifting at lightning pace and the opportunities and pitfalls of IoT are forcing them to rethink how they operate,” added Walshaw.

“This is reflected in a strong surge in organisations coming to us to make sense of it all, whether it is S/Gi firewall solutions to protect both their infrastructure and their subscribers from attacks, safeguarding the data centre perimeter or protecting IoT-based applications and protocols.”

Staff Writer