My baby monitor started a cyberattack? IoT industry suffering from security growth pains
There are currently no established Internet of Things security standards, and Singapore recognises that steps need to be taken to ensure minimum standards of protections in this space, says CSA.
(Updated: )
Ricky Lim
This issue of securing Internet-connected devices take on an added layer of importance and urgency when you consider how governments around the world are moving towards using these to enhance urban planning and management of their cities and countries.
Singapore, for example, has stated its intention to fit its streetlights with sensors that could potentially help with everything from monitoring the climate to implementing facial recognition tools to track errant motorists or flag when an accident has taken place.
This project is part of its Smart Nation Sensor Platform - one of five strategic national projects underpinning its Smart Nation ambitions.
Asked how the Government intends to secure these systems as they get rolled out, the Cyber Security Agency of Singapore (CSA) told Channel NewsAsia that agencies work closely to make sure that a device or project’s security design and architecture is resilient.
--
There are ways to ensure all IoT public infrastructure such as the lighting sensors - can be secured without compromising National infrastructure where compromised IoT device can be taken over by Internet hackers :-
(1) A secured dedicated private network tunnel is build for IoT devices.
Eg. of such tunnel are IoT-VRF (virtual routing forwarding tunnel)
(2) All IoT devices are put into this IoT-VRF - no other public intranet devices should share the same private tunnel used by IoT.
(3) IoT Servers to collected Big Data from IoT devices will sit in the same IoT-VRF for Big Data Analytic.
(4) Firewall use Access control list to prevent any data from IoT going out to Internet (thus there are no ways for hackers in Internet to collect spy data from compromised IoT).
(5) IoT servers can share the Big Data collected from IoT and route out to public infrastructure VRF by VRF router - without compromising the public infrastructure VRF.
or to be doubly safe, confirm plus chop ----- export all big data from IoT servers as batch file.
Then public infra server import the IoT batch files for processing........ this is real physical separation processing - sure 100% no security breach. ----- double confirm plus double chop....
Singapore, for example, has stated its intention to fit its streetlights with sensors that could potentially help with everything from monitoring the climate to implementing facial recognition tools to track errant motorists or flag when an accident has taken place.
This project is part of its Smart Nation Sensor Platform - one of five strategic national projects underpinning its Smart Nation ambitions.
Asked how the Government intends to secure these systems as they get rolled out, the Cyber Security Agency of Singapore (CSA) told Channel NewsAsia that agencies work closely to make sure that a device or project’s security design and architecture is resilient.
--
There are ways to ensure all IoT public infrastructure such as the lighting sensors - can be secured without compromising National infrastructure where compromised IoT device can be taken over by Internet hackers :-
(1) A secured dedicated private network tunnel is build for IoT devices.
Eg. of such tunnel are IoT-VRF (virtual routing forwarding tunnel)
(2) All IoT devices are put into this IoT-VRF - no other public intranet devices should share the same private tunnel used by IoT.
(3) IoT Servers to collected Big Data from IoT devices will sit in the same IoT-VRF for Big Data Analytic.
(4) Firewall use Access control list to prevent any data from IoT going out to Internet (thus there are no ways for hackers in Internet to collect spy data from compromised IoT).
(5) IoT servers can share the Big Data collected from IoT and route out to public infrastructure VRF by VRF router - without compromising the public infrastructure VRF.
or to be doubly safe, confirm plus chop ----- export all big data from IoT servers as batch file.
Then public infra server import the IoT batch files for processing........ this is real physical separation processing - sure 100% no security breach. ----- double confirm plus double chop....
No comments:
Post a Comment