Turning cyber threat into cyber opportunity

September 2018 Transport (Industry), Integrated Solutions, IT infrastructure

The network of connected sensors, devices, and appliances commonly referred to as the Internet of Things (IoT) has completely changed the way business works. This is as true of the heavy hauling and freight industry as any other. At any moment, various players in the industry can get a sense of vehicle health, cargo safety, and whether or not any infrastructure is in need of repair.

As IoT technologies have become more ubiquitous, so have the threats from cybercriminals however. With more than 20-billion IoT devices expected to be online by 2020, there are more gaps for cybercriminals to take advantage of than ever before. That has massive potential consequences for heavy hauling. A cyber-attack at targeted points in a country or region’s network could leave it crippled, preventing people from receiving much-needed goods and services.

Maeson Maherry
Maeson Maherry

Fortunately, it doesn’t have to be that way. According to Etion Group chief digital officer Maeson Maherry, it’s possible for businesses to reap the benefits of IoT without placing themselves in a compromised security environment.

“Connected sensors can provide businesses with useful data that can be easily acted on,” Maherry says. “Sensors in trucks and cargo containers, for example, can tell you when to do preventative maintenance, helping avert potential disasters.”

For that to work, however, people have to be able to act on that data. “If I can send commands to vehicles and machines out in the field, which is what sensors are in the first place, can I do so in a way that makes my business more productive and efficient?

“So, for example, if a vehicle is telling me that it’ll need maintenance soon, do I have the power to schedule that maintenance so that the machine is down for as little time as possible?”

If that is the case, that ability comes with serious benefits, but in order to be able to reap them, you have to know that you can trust the information coming from the embedded sensors in your network. Here, he says, the question of who owns the IoT devices and sensors in a business environment becomes critical.

“I’ve got these devices and sensors in my business environment, do they belong to me, or do they belong to their manufacturer?”

Logically, he points out, ownership should always lie with the business owner because these devices are used to make decisions with potentially massive business impacts. “You have to make sure that you’ve got owner-controlled security in place. You’ve got to make sure that you can control these devices, and make sure it’s only your device that plugs into your network.”

Even if you own the security, he adds, you still have to know that you can trust the entire system. “You’ve got to be able to trust everything, from the sensors themselves, the way they’re communicating data, all the way through to the information systems that are processing that data and turning it into information for you, so that you can make your own deductions and send back commands.”

Here the fundamentals of security – authentication, encryption, and integrity – come in. When it comes to authentication, this allows you to know that a sensor sending you information belongs to you and that when you send information to a sensor it will act on it. A lot of the work around encryption, meanwhile, comes down to picking your battles.

“Is it something that I need to worry about other people seeing?,” Maherry asks. “If the devices are sending out private medical information then the answer is yes, but if they’re just sending the settings on a machine then the answer might be no.”

Finally, integrity entails doing everything you can to prevent your machines being tampered with. And that’s incredibly important. Integrity is going to be at “the next wave of cybersecurity threats, which will be a constant concern for us over the next decade or more”.

We’ve already seen what happens when those devices are tampered with. In August 2016, cybercriminals used IoT devices to execute one of the biggest DDoS attacks in history, bringing down some of the Internet’s biggest sites. It’s only a matter of time before someone tries to bring down a freight network.

Fortunately, says Maherry, such incidents are avoidable. “It’s possible to solve all these issues with the cryptography and technology that we have today, we just have to have the conversations to start with. The same is true with the devices: they’re going to need to be updated in the field, just like your computer or your phone get updated. You’ve got to make sure that there’s integrity in the code that’s running on these devices, even if it’s embedded.”

“The answers are definitely there,” says Maherry, “but if people are not thinking about the cybersecurity aspect and the ownership aspect, then you’re not going to get to the benefits of what IoT can really do on a large scale.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

A customised solution for backup power
August 2019, Specialised Battery Systems , News, Integrated Solutions
Specialised Battery Systems designed and implemented a bespoke solution for Stallion Security Electronics to deploy at almost any site.

Double dose of storage security
August 2019 , Products, IT infrastructure
The integration of InfiniBox and SafeNet KeySecure platforms brings data-at-rest encryption together with centralised logging, auditing capability.

Augmented security with drones
August 2019, Drone Guards , Editor's Choice, Integrated Solutions
Drone Guards is moving into an untapped market of using drones to secure residential estates and other high-value assets such as mines, farms and commercial properties.

10 things to consider when shopping for a VMS
August 2019, Genetec , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Today’s video management systems (VMS) provide a wide range of tools and capabilities that help make security personnel more efficient by allowing them to focus on what really matters.

How far are we really at with artificial intelligence?
August 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Residential Estate (Industry)
Justin Ludik unpacks exactly how far AI has come and what it potentially can do for society and more importantly, surveillance.

From fog to foxes
August 2019, Axis Communications SA , Perimeter Security, Alarms & Intruder Detection, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
What makes radar devices so valuable is the fact that they can provide a high range of accurate data while barely relying on external factors, such as weather or light.

The hidden claws of proof of concept
August 2019 , Editor's Choice, Integrated Solutions
Proof of concept is a proven methodology for testing new technologies, but it isn’t perfect, and it can be more of a hindrance than a help.

Collaboration and tech key to safer, connected communities
August 2019 , Residential Estate (Industry), IT infrastructure
The advent of fibre-to-the-home has not only changed the way we work and play but has also heralded the launch of a number of advances for the security industry.

Local manufacturing – challenges and opportunities
August 2019, Centurion Systems, Technoswitch, ZYTEQ Fire , Integrated Solutions
Local companies manufacture a diverse range of products for the security industry, and although they face challenges, there are opportunities out there too.

Cyber tools and solutions
August 2019, Technews Publishing , Editor's Choice, Cyber Security, IT infrastructure, Residential Estate (Industry)
Hi-Tech Security Solutions looks at the various options we have when it comes to protecting yourself from the ever-growing scourge of cybercrime?