Cybercrime and fibre

As economies become more technology-dependent they become more vulnerable to cybercrime. Data is increasingly outsourced to cloud providers, making it more difficult to respond immediately and effectively to incidents. “Up to 85% of internet users feel their risk of falling victim to this type of crime is increasing”, claims Eurobarometer 423 on Cyber Security.  Billions of IoT devices are expected to be connected by 2020 and users need to be absolutely certain that their data is secure and that devices can’t be easily hacked. Chipmakers, for example, aim to embed security into hardware. Standards and harmonization also play an important role in introducing and enhancing safety. The same goes for awareness and education, especially amongst vulnerable target groups.

 

 

The ‘S’ in IoT stands for ‘Security’…

 

“Many Small and Medium Enterprises and end-users think that their data couldn’t possibly be of interest to anyone - which makes them vulnerable,” says Jan Schindler, Prysmian Group. “There’s always someone who wants to obtain their data - legally or illegally. One way to illicitly gather data is through sensors in IoT and other connected devices. If insufficiently protected, these can be exploited. CIA hackers have been known to target specific smartphones and computers. The ‘Weeping Angel’ program, for example, makes it possible to manipulate a TV set so that it seems to be switched off, while it is being used for monitoring. According to an article in Forbes magazine, hackers can use the Smart TV WLAN key to access wireless networks.”

 

“Although military equipment and networks are monitored and physically guarded, protection of ‘regular’ networks is left to their owners and operators. Although phone lines or aerial transmissions, for example, are deemed unsafe, eavesdropping on traffic within a fibre cable in this way is, in theory, impossible. In the previous edition of NEXST we explained how the fibre backbone that links all IoT devices could be abused as a possible channel for exploits which could potentially interrupt critical financial, security and medical data streams.  Although this would be extremely difficult and is very unlikely, from a technical point of view, there are devices that can pick up traffic on fibre cables. When this type of intrusion takes place, light is redirected, which can be detected by a protective fibre monitoring solution that can raise an alarm.

 

On attempted intrusion, some light is redirected onto another fibre. As soon as the light level changes, active fibre monitoring can detect the intrusion and raise an alarm. On fibre networks, traffic can be rerouted automatically whenever a network is sabotaged or suspicious activity is taking place. However, the nearer data is to the end point, the fewer alternative routes are available, increasing vulnerability.”

 

 

Cybercrime: not just a technology issue.

 

“Awareness plays an important part in the fight against cybercrime. The internet has no borders and simply outlawing or regulating certain behaviours won’t make problems disappear. A coordinated effort involving governments and the private sector is key. We should not only teach children how to use computers, but also educate them on how computers are networked and how data is transported and processed. It is also important that we realise that cybercrime was once limited to computers and peripherals, but now extends to every online device! What’s more, the advent of the darknet, where users can remain pretty much entirely anonymous after gaining access through TOR services retracing the movements of, for example, hackers, is virtually impossible.”

 

“Cybercrime must be considered from several perspectives: societal, cultural, psychological, economical and behavioural, for example. One important consideration with regard to cybercrime is the fact that the internet offers people in areas with great economic inequality, poverty and economic stagnation new ways to engage in illegal activities.  The USA, for example, is the Global leader in Cybercrime and also the richest and most economically unequal country in the world. The link between inequality and Cybercrime is also mentioned in the study Economics of Cybercrime: The Role of Broadband and Socioeconomic Status.”

 

“Finally, we must realise that there are other causes of security breaches and data leaks than crime and vandalism. Human error also plays a part. That’s why real time, up to date documentation is essential to enabling fast and effective fault tracking and repairs.”