Cyber security threats are now more frequent in our connected world and are a growing concern for all, from the 5.1 million UK micro-businesses right through to the largest enterprises and utilities providers. As such, IT security must be an integral part of any IT strategy and that includes all those new technologies you’re trying out for the first time including containerisation, and the internet of things.
However it’s not just hackers exploiting new technologies that are out to get you, as we will reveal later.
1/ The growth of containerised services in the cloud will fuel more attacks on cloud infrastructures and providers.
A growing number of IT firms run applications in software ‘containers’, rather than on virtual machines. In its simplest form, a container is a solution to the problem of running software on different computing environments, it removes the need to re-engineer the original application to work on a new system. Containers consist of an entire runtime environment: an application, plus all of its dependencies, libraries and other binaries, and other configuration files needed to run it.
This approach adds flexibility and efficiency to using complex applications. However, containers also create new security risks.
For one, there’s the issue of sprawl. Here, containers let organisations run multiple instances of an application; the risk is that these instances are running with varying and perhaps unsafe security patches. For another, there’s the sheer ‘newness’ of the approach, which means many security experts simply don’t know how to keep containers safe.
2/ The Internet of Things (IoT) will make enterprises more vulnerable by expanding the attack surface
IoT devices are expected to proliferate throughout 2016 and beyond, with Gartner recently releasing a report showing the growth of devices to reach 25 billion in the next five years. Market watcher IDC is forecasting worldwide IoT spending to grow by an average of 17 percent a year through to 2019, reaching $1.3 trillion.
By industry, manufacturing and transportation could be at greatest risk, because both have been connecting supply chains, products, customers, and even workers using IoT devices.
But just how vulnerable are IoT devices? Very, according to a report from earlier this year. When HP Enterprise reviewed 10 popular IoT devices, it found;
- all but one collects at least one piece of personal information
- six devices have user interfaces (UIs) that are vulnerable to weak credentials (such as ‘admin’ usernames) and other issues
- seven use unencrypted network services
- eight fail to require complex passwords
- seven let attackers identify user accounts through account enumeration
3/ The nature of state cyber attacks will evolve
Attacks by nation state actors will continue to evolve from reconnaissance and progress to network-infrastructure infiltration and physical attacks.
Governments are no longer satisfied merely with strong cyber defenses such as detection, protection and mitigation; now they also want the ability to conduct cyber attacks and effectively wage war online. These attacks include freezing or stealing money, causing problems to vital infrastructure like power plants, and interfering with the daily operations of hospitals and other public institutions.
Cyber attacks on industrial equipment that used to be deemed too difficult to hack because of the safety monitoring systems in place, are now not as secure as first thought, even though these systems tend not to be n the Internet but on private networks. It’s been demonstrated that even the strongest controls offer little-to-no protection if a Programmable Logic Controller (PLC) device is hacked (a common system component in industrial control systems in utilities). Compromising this type of equipment can involve a combination of cyber and physical attacks that require skills far beyond those of your typical cyber criminal.
The threat is real, and will continue to grow throughout 2016 and beyond. In 2009 spies in Russia, China and other countries penetrated the U.S. electrical grid and left behind potentially damaging software. The Chinese Government reportedly launched operation Aurora, an advanced persistent threat. And then there’s the online war between Russia and Ukraine.
Stealth is a prime characteristic of these attacks; being highly sophisticated – and therefore extremely difficult to detect.
Those are my predictions, and my advice – if you’re looking at bringing IoT devices or containers into your organisation it’s important to not just look at the direct business benefits, but to consider the security impact they will have. Do your due diligence with your chosen devices and suppliers and have a security plan in place for when you do roll out these new technologies.
About the author
Mike Stute is Chief Scientist at Masergy Communications and is the chief architect of the Unified Enterprise Security network behavioral analysis system. As a data scientist, he is responsible for the research and development of deep analysis methods using machine learning, probability engines, and complex system analysis in big data environments.
Mike has over 22 years’ experience in information systems security and has developed analysis systems in fields such as power generation, educational institutions, biotechnology, and electronic communication networks.