TECHNOLOGY
Botnets that link devices with IP addresses in order to launch coordinated attacks have been around for many years. However, for a long time, IP addresses were more or less exclusive to PCs and routers. The vast increase in IP-equipped IoT devices means that hackers can spread malware and viruses through a much larger number of machines. Gartner estimates there are some 6.4 billion of these devices currently in operation, not counting tablets, smartphones and computers, International Data Corporation’s puts this figure at 9 billion.
As IoT devices become more widespread and billions are added each year, basic security precautions become increasingly important. To enhance IoT safety, Level 3 Threat Research Labs, which provides communications services to enterprise, government and carrier customers, recommends disabling unused services, such as telnet. It is also advisable to replace standard passwords with new – and different – ones when setting up each new device.
A hackers might consider the fibre backbone that links all IoT devices as a possible channel for exploits. In fact, bends in fibre cables may theoretically provide a path to ‘leaked’ data. Each fibre has two refractive glass layers, through which light travels to a detector input-spot that needs to be perfectly aligned.
So does that mean there is real cause for alarm? Should we assume that fibre is inherently unsafe? Not quite… First of all, hackers would need direct access to the fibre cable and they would have to carefully strip it of its protective covering. The amount of power and alignment would also need to be exactly right. They’d also need the right hardware and software tools to detect, demodulate, restructure and decrypt the information. Access protection is one vital aspect of enhancing protection, as is using physical locks to project cable joints and connection points. Using passwords and encryption further add to increasing safety. It may be theoretically possible to ‘steal’ light from an over bent fibre, but the likelihood of someone successfully doing so and actually accessing sensitive data is negligible.