On the evenings of 22 and 24 October 2016, national telco StarHub's home broadband services unexpectedly were disrupted – an unprecedented occurrence in normally safe, efficient, and connected Singapore.
Subsequent investigations revealed the incidents stemmed from a Distributed Denial-Of-Service (DDoS) attack propagated by hackers. By taking control of connected devices such as routers and webcams, the perpetrators willfully shut down StarHub's broadband servers through an overwhelming spike of internet traffic from the affected devices.
DDoS attacks, while not a new form of cyber threat, have risen to prominence as cyber attackers have used them on large scale to great impact recently. Just weeks before the StarHub disruptions, a similar hack took place on the American East Coast which denied millions access to favourite websites and internet services such as Reddit and Twitter. In an ominous parallel on 28 November, another DDoS attack on Germany's largest telco, Deutsche Telekom, affected around 900,000 customers.
The implications of these attacks on hundreds of thousands of consumers go far beyond the disruption of internet services. Connected devices on networks, or the so-called 'Internet of Things' (IoT), whilst holding vast promise for businesses and consumers, have morphed into two-pronged threats. If devices in homes can be compromised, imagine the implications for businesses, infrastructure, and public institutions.
Highly skilled and well-resourced international advanced persistent threat (APT) groups or nation-state attackers, who have strong interest in obtaining inner network access, will look to take advantage of the growing IoT trend. With Gartner predicting 21 billion connected 'things' by 2020, companies will only become further exposed to attack as they deploy more and more connected devices.
Attacks of this scale have made it more evident than ever that the world is entering a new era of threat, and faith in trusted institutions can come undone at a moment's notice. For instance, power plants in Ukraine were hacked at the start of 2016, causing power outages to 80,000 homes for six hours. The big institutional banks have also bled millions to criminal hacks throughout the year.
In this heightened cyber climate, complete visibility of a network is crucial and organisations can no longer afford to keep the security of internet-connected devices as an afterthought. To prevent connected devices and networks from becoming unwilling accomplices, organisations must be able to detect any unusual behaviors across all their internet environments and across the thousands of daily minor incidents which will be impossible to manually keep tabs on.
There should hence be mounting pressure for companies to make themselves more resilient and adopt 'immune system' technology that uses machine learning and advanced algorithms to detect serious or suspicious threat indicators in real-time amidst the noise of daily activities, instead of relying on legacy tools to secure their IoT environment. Otherwise, there will only be more of these attacks seen as the world continues to embrace the Internet of Things.
The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Singapore Business Review. The author was not remunerated for this article.
Do you know more about this story? Contact us anonymously through this link.
Sanjay is Managing Director, Asia Pacific at Darktrace. He has over 25 years of experience in the enterprise software industry specialising in the Asia Pacific region, where he has held a number of senior roles at leading software companies including Interwoven, Oracle, Autonomy, and OpenText. Sanjay has a degree in Computer Science from the Indian Institute of Technology, Roorkee.