The race to secure the smart connected future
Wael Mohamed, President and COO of Trend Micro discusses the changing threats to digital systems and how the industry and public sector are collaborating to improve security
Of the many challenges which stand in the way of digital transformation today, one of the most pressing is security, and failure to address cybersecurity could result in a slowdown in the adoption of smart, digital practices, according to Wael Mohamed, President and COO of Trend Micro.
The security threat landscape is changing, Mohamed noted, both in terms of the range and number of systems that are potentially at risk, and the severity of the threats. There are a number of factors which are influencing this change, not least the growth of connected systems in the Internet of Things, and the massive growth in endpoints that this represents.
Governments worldwide are taking the lead in smart, connected cities, looking to create a new economy of connectivity to deliver optimisation, improve resource utilisation, enhance services and relationships with citizens and drive productivity and growth. This digital environment is bringing together systems that were never part of any network in the past, such as utility meters, street lighting or automobiles, and connecting them with standard IP communications, he explained.
While this vision is at different stages in different countries around the globe, cyber criminals are very much taking notice of the potential to exploit devices in the Internet of Everything, he said. A 2013 experiment by Trend’s Forward-looking Threat Research (FTR) team created an Internet-based simulation of an industrial-control system (ICS), for a make believe water-pumping station in rural Missouri. The system was soon probed by unknown hackers, and over a four month period, the system was attacked 17 times, in ways that would have caused ‘catastrophic’ damage to a real waterworks, Trend reported.
The shift from closed, proprietary systems to open standards-based systems is also opening up more systems to attack, and the nature of the systems, shifting to critical areas such as healthcare or traffic systems, means that the level of acceptable risk has been reduced or eliminated altogether.
“With something like online banking, you can assume that ‘x’ percent [of transactions] go rogue and figure out how to support the whole system based on that,” Mohamed said. “The challenge is, when you get to smart cities, you don’t have that luxury — it is more than risk. If you are dealing with healthcare, for example, connected heart monitors, then there is no taking risk in those parameters.”
The increase in connected devices also means more types of device need protecting, even from threats that are not that significant for regular IT systems, as cybercriminals look to exploit new avenues of attack. On top of that, monetisation is increasing the motivation of these hackers.
Mohamed explained: “One of the things that we are seeing, is with ransomware which started as a trickle a few years ago, and then suddenly, it just picked up speed because people figured out how to monetise it. It started as consumer [threat], and then moved all the way to enterprise. A couple of healthcare companies basically paid up, and now people realised they can make money.
“I am not worried too much about ransomware because we have the techniques to deal with that, but the concept of ransomware — it can go to the next level — will I be able to hijack your smart meter, or hijack your car and demand a ransom? Those are very scary thoughts, and we need a lot of work as researchers and security companies to get ahead of that and close that gap.”
Combating these evolving security threats will require close collaboration across different sectors, Mohamed added. Government usually forms the nucleus of security planning, he said, and Trend is already working with the public sector in many different areas, including threat intelligence and work with law enforcement agencies such as Interpol.
The company can play an important role in providing consultancy to government and to owners of smart city platforms, as a vendor-neutral source of expertise to connect, test and protect the different elements of a smart city platform, Mohamed said, as well as helping the public sector to develop its own security capabilities.
“When it comes to government, we will work with them, and figure out how we can collaborate. I believe in future, governments need to be able to ensure that they have a cyber security arsenal at their disposal, they need to be able to protect their national interests, and they need to have the expertise to be able to do so.”
Delivering this security protection increasingly requires local expertise and resources, he added, as threats become more localised, and more collaboration across vertical sectors also becomes vital as private sector organisations join the digital environment. While there is now an awareness of the need for security within organisations that are creating connected solutions, often they lack the skills to develop complete security themselves, or to co-ordinate across the whole ecosystem.
“Everything is becoming electronic, security is becoming important — everyone from the CEO to the engineers are aware of it, but whether or not they have the people internally to have airtight security, there is a long way to go. They need to interact with other devices that are not in their control, and then the scope goes beyond just the manufacturer, and that is where basically we lend a hand,” Mohamed said. “We really look at systems the same way a hacker does, with a different intent.”
Developing the skills base to tackle the growing security threats is an important area for Trend, Mohamed added, and the company is working with academic programs in many parts of the world to get graduates into the security sector. Trend is also looking at how new technologies, such as analytics, cloud and AI can be used to improve processing of security data, extend coverage and automate processes to enhance security — the company will utilise any technology that is available, he said.
Trend has also developed its expertise with different teams covering different areas of security, such as threat intelligence, to improve coverage. Last year, the company acquired Tipping Point from HP to increase its capabilities in the area of intrusion prevention and unknown threat/ zero day threat response.
Tackling the unknown threat is still one of the biggest challenges for the security sector, Mohamed admitted, as well as keeping pace with the changing technology environment. However, innovative thinking, experience, and new technology are improving the ability to deal with threats.
“I think the biggest challenge is technology basically changes far more frequently than ever. ‘Leapfrog’ [skipping a generation of technology] used to mean five to ten years, and now we are talking about months. We are building things on an assumption of what we know today, but every six months there are new things,” Mohamed commented. “When you think about our business, it is a race, so we will use everything in our abilities to be able to get ahead.”