2017 will forever be known as the year that the smart home started to take off. Researchers estimate that Amazon has sold over 15 million Echo devices to date. Plus, Google has sold another 5 million Google Homes. The overall smart home market is expected to grow to over $50 billion by 2022. Already 1 in 4 U.S. households has some kind of smart device in their home. With all the smart thermostats, smart fridges, smart light bulbs, smart doors and windows, personal assistants, and smart home surveillance, internet-connected home devices are rapidly stacking up in U.S. households. These devices are adding convenience and efficiency, but are they safe?
Internet of Things (IoT) devices continue to become more and more prevalent in our daily lives. Alexa gives us the daily news, smart agricultural sensors help farmers optimize yield, and connected sensors can monitor your pet’s movement and sleeping patterns. All told, IoT is expected to become a $500 billion market by 2022, r the same size as the overall economy of Sweden, 23rd largest in the world.
The question isn’t big or small business. It’s valuable or not valuable data.
What do local car dealers, hospitals and banks all have in common? At first glance, not much. However, all of them have become recent hacker targets. Why now when other, much larger corporate entities have traditionally been targets? One word – resources. Their resources, both network and personnel, are stretched thin. With the increased complexity and length of Distributed Denial-of-Service (DDoS) attacks, it’s a struggle for all organizations, let alone small and medium businesses. The 2016 State of SMB Security Report found that half of the 28 million small businesses surveyed were breached in the past year. Verizon cited, in their 2017 Data Breach report, that 61% of data breach victims were businesses with less than 1,000 employees.
In a recent Light Reading webinar, Principal Heavy Reading Analyst Jim Hodges and I discussed the growing need for Managed Security Services. DDoS attacks are becoming increasingly sophisticated and complex, lasting more than 24 hours in some cases. The attacks aren’t limited to specific industries or company sizes anymore, and push stretched internal IT resources to the breaking point. The 0s and 1s that flash through service provider networks are equally vulnerable. Attackers don’t care where the data is coming from…they’re looking for vulnerabilities they can exploit for money. The days of hacks focused on large retail organizations like Target and Home Depot are behind us. Merck and Co., a large U.S.-based pharmaceutical firm, was one of several global companies impacted by a massive global attack. Don’t let these hacks bring your customers’ network down.
Big. Small. Public. Private. Government. Retail. B2B. Non-profit.
Hackers don’t care about the size or purpose of the organizations they attack. They’re bombarding networks all over the globe with sophisticated multi-vector DDoS attacks, looking to grab any data from which they can profit.
For Service Providers, Universal Customer Premise Equipment (uCPE) is getting more interesting every day. IHS Market analyst, Michael Howard, said in a recent SDxCentral article that “the uCPE [universal customer premises equipment] phenomenon is an almost perfect storm of five trends, whether it is white box, grey box, or more proprietary. This new uCPE market is resulting from enterprise demand that virtualized security functions reside physically inside the walls of enterprise locations.” The trends that Howard cites are:
Recently I spoke on security in Austin at the Big Communications Event, where Verizon announced their uCPE (Universal Customer Premise Equipment) platform. Notably, they are choosing a white box platform from Adva running Openstack on a generic Linux server with a KVM hypervisor. Verizon’s new platform will enable them to deploy the device as a generic piece of NVFi to host any VNF in this generic Linux/KVM/Openstack environment. If successful, this gives Verizon huge flexibility to configure and deploy new services completely remotely via SW and remove one of the major cost drivers of Carriers: deployment and maintenance of CPE.
How to Provide State of the Art Protection against Real World Threats
We live in a world where increasing numbers of complex cyber breach tools are available on the Darknet. But what is the Darknet and how do we protect against it? The Darknet is an anonymous and obfuscated section of the internet where criminals can exchange information, tools and money to carry out attacks with little or no traceability. The Darknet provides a service marketplace where criminals can do many of the same things that law-abiding citizens do every day. Criminals search the internet (anonymously). They exchange emails with other criminals and prospective customers, they read news on the latest opensource tools available to perform effective attacks. They even have an online marketplace where cyber-attack services can be ordered and placed into your online shopping cart. In fact, a Darknet marketplace recently advertised $7,500 to rent the now notorious Mirai botnet – the same botnet used to generate a several hundred gigabit multi-vector attack that took down the services of Amazon, BBC, HBO, Netflix, PayPal, Spotify, and many others in October 2016.
As the Carrier vs. cloud competitor discussion has raged over the past few years, it seems there has been a truce called in the last few months. Rewind back a few years ago and the Web Internet Companies (WICs) and Carriers were mortal enemies fighting over the same space. As such, Carriers moved to buy or build their own Cloud data center operations. Verizon buying Terramark for 1.4B in 2011 being just one such example.