With IoT penetration on the rise, securing the networks, infrastructure and devices becomes ever more essential. We review some of the surprising ways connected things have been used to hackers’ advantage and what we can learn to stop history repeating itself.
In 2016, a photograph taken of Mark Zuckerberg revealed that he’d taped over the camera and microphone on his laptop.
It felt vaguely ironic that the man behind Facebook was so paranoid about his privacy, but it raised an important question for many about the safety of connected tech. As internet of things (IoT) keeps growing in penetration, lots of so-called smart devices have revealed themselves to be anything but when it comes to security.
As these devices create and collect more data, they become more attractive to hackers.
“Gartner found that nearly 20 percent of organisations observed at least one IoT-based attack in the past three years.”
With a total of 20.4 billion connected ‘things’ predicted to be in use by 2020, sometimes even the most innocuous products can offer a way in for people with nefarious intentions as we see below…
Beware of the fish
Many people who go to Vegas come back with far less money than they went with, but it’s not usually due to a cyber-attack, much less one that started in a fish tank. However, that’s exactly how an unnamed casino in Sin City was once infiltrated, when an aquarium thermometer used for remote monitoring and feeding was used to gain access to the network and a list of the casino’s highest-spending visitors was stolen. The hackers stole 10GB of data in total, sending it to a remote server in Finland.
When autopilot strikes back
With modern cars becoming more and more like computers on wheels that you can drive, you don’t necessarily need to be behind the wheel to be in charge of the vehicle. In 2015, a pair of friendly hackers demonstrated a vulnerability in an automaker’s connected vehicle platform, which powered the in-car systems for their leading brands. While a journalist from Wired magazine drove his car through downtown St. Louis, USA, the hackers sent commands through the entertainment system, taking control of the car’s air-conditioning, stereo and windscreen wipers, before finally cutting the power to the wheels and allowing the car to roll to a stop.
And the beat goes wrong
In August 2017 nearly half a million pacemakers were recalled when a vulnerability was discovered that could allow hackers to alter a patient’s heartbeat. None of the radio-controlled devices, which were made by a leading healthcare company and sold in the USA, were reported as compromised but the potential damage that could be caused was critical, and firmware updates were applied to devices that had been implanted in order to prevent the weakness being exploited.
Lights out
Sometimes it’s not hackers you need to be wary of but the behaviour of IoT devices themselves. In 2018, cyber-security blog Limited Results took a hacksaw to a LIFX Mini White and discovered vulnerabilities with the smart bulb itself. Anyone with physical access to the product could extract the owner’s Wi-Fi password as it was stored in plaintext on the device, along with the RSA private key and root passwords. LIFX fixed the vulnerabilities with a firmware update but it raises important questions around the disposal of unwanted or defective smart devices.
Losing your voice
IoT products aimed at children will always raise extra concerns around security, especially when there are stories like the one involving CloudPets. The cuddly toys were removed from sale by retailers, including Amazon and eBay, after it was discovered that two million voice messages, which were recorded by children and uploaded via the toys’ accompanying smartphone app, were being stored in the cloud without any authentication required to access them. The database also included email addresses and passwords of parents who had bought the toys.
So what do these incidents tell us about the internet of things?
Firstly, it has opened up a vista of new exploit scenarios where attacks can come from anywhere.
“Products like these are susceptible because businesses often focus on the new feature set of the IoT device and the security aspect tends to be an after-thought.”
But with every new connected device, the threat landscape evolves that little bit more, meaning security tools need to be agile enough to cope at every point.
IoT devices are increasingly being used across diverse sectors including manufacturing and retail sectors and, as seen by the Vegas fish tank example, can be gateways to other parts of an enterprise’s network. Given that 80 per cent of the world’s data is kept on private servers and the punishments for breaching GDPR rules can be cripplingly severe, keeping hackers out has never been more crucial.
The fledgling nature of IoT is likely to make it an attractive target to hackers for the foreseeable future but emerging technologies can provide a potent defense in the fight against them. Implementing security analytics strategies based on Big Data can help identify anomalies in behaviour and usage across the vast populations of IoT that are getting launched, to pick on critical security incidents or misuse. Also, Blockchain, for example, can remove the need for a central authority in IoT networks, meaning devices in common groups can alert administrators if they’re asked to carry out an unusual task.
“Fundamentally, though, IoT should not be feared.”
With the correct safeguards in place it can deliver the improved processes, reduced costs and better-quality services it’s designed to provide.”
Read more about the importance of security in the digital age.
Transformational Hybrid SolutionsOur cloud-enablement services offer the best performance on your traffic-heavy websites or mission-critical applications.
Core NetworksTata Communications™ global IT infrastructure and fibre network delivers the resources you need, when and where you need them.
Network Resources 
Unified Communications As A ServiceBreak the barriers of borders efficiently and increase productivity with Tata Communications’ UC&C solutions.
Global SIP ConnectEmpower your business with our SIP network and witness it grow exponentially.
InstaCC™ - Contact Centre As A ServiceCloud contact centre solutions for digital customers experience and agent productivity.
DIGO – Communications Platform as a ServiceDIGO is an in-network cloud communications platform, enabling you to power up converged contextual human-to-everything conversations globally.
Unified Communication Resources Case studies, industry papers and other interesting content to help you explore our unified communications solution better.
IoT SolutionsThe Internet of Things is transforming the way we experience the world around us for good. Find out more about our Internet Of Things related solutions here.
Mobility SolutionsTata Communications’ mobility services enable your enterprise to maintain seamless communication across borders, with complete visibility of cost and usage.
Multi-Cloud SolutionsWith enterprises transitioning to a hybrid multi-cloud infrastructure, getting the right deployment model that yields ROI can be a daunting task.
Cloud ComplianceCompliant with data privacy standards across different countries and is also designed to protect customers’ privacy at all levels.
IZO™ Cloud Platform & ServicesIZO™ is a flexible, one-stop cloud enablement platform designed to help you navigate complexity for more agile business performance.
Managed Infrastructure ServicesIntegrated with our integrated Tier-1 network to help your business grow efficiently across borders.
Cloud PartnersWe support a global ecosystem for seamless, secure connectivity to multiple solutions through a single provider.
Governance, Risk, and ComplianceRisk and Threat management services to reduce security thefts across your business and improve overall efficiencies and costs.
Cloud SecurityBest-in-class security by our global secure web gateway helps provide visibility and control of users inside and outside the office.
Threat Management - SOCIndustry-leading threat-management service to minimise risk, with an efficient global solution against emerging security breaches and attacks.
Advanced Network SecurityManaged security services for a predictive and proactive range of solutions, driving visibility and context to prevent attacks.
Cyber Security ResourcesCase studies, industry papers and other interesting content to help you explore our securtiy solution better.
Hosted & Managed ServicesTata Communications provide new models for efficient wholesale carrier voice service management. With our managed hosting services make your voice business more efficient and better protected
Wholesale Voice Transport & Termination ServicesYour long-distance international voice traffic is in good hands. End-to-end, voice access & carrier services which includes voice transport and termination with a trusted, global partner.
Voice Access ServicesTata Communication’s provide solutions which take care of your carrier & voice services, from conferencing to call centre or business support applications.
CDN Acceleration ServicesOur CDN Web Site Acceleration (WSA) solution helps deliver static and dynamic content, guaranteeing higher performance for your website.
CDN SecuritySafeguard your website data and customers’ information by securing your website from hacks and other mala fide cyber activities.
Video CDNDeliver high-quality video content to your customers across platforms – website, app and OTT delivery.
Elevate CXIncrease customer satisfaction while empowering your service team to deliver world-class customer experience and engagement.
Live Event ServicesTata Communications’ live event services help battle the share if eyeballs as on-demand video drives an explosion of diverse content available on tap for a global audience.
Media Cloud Infrastructure ServicesTata Communications’ media cloud infrastructure offers flexible storage & compute services to build custom media applications.
Global Media NetworkTata Communications’ global media network combines our expertise as a global tier-1 connectivity provider with our end-to-end media ecosystem.
Use CasesUse cases of Tata Communications’ Media Entertainment Services
Remote Production SolutionsMedia contribution, preparation and distribution are highly capital-intensive for producers of live TV and video content, and their workflows are complex.
Media Cloud Ecosystem SolutionsThe Tata Communications media cloud infrastructure services offer the basic building blocks for a cloud infrastructure-as-a-service.
Global Contribution & Distribution SolutionsTata Communications’ global contribution and distribution solution is built to reduce capital outlay and grow global footprint.
Satellite Alternative SolutionsAs more and more consumers choose to cut the cord & switch to internet-based entertainment options, broadcasters are faced with capital allocation decisions.
LeadershipA look into the pillars of Tata communications who carry the torch and are living embodiment of Tata’s values and ethos.
Culture & DiversityHere at Tata Communications we are committed to creating a culture of openness, curiosity and learning. We also believe in driving an extra mile to recognize new talent and cultivate skills.
OfficesA list of Tata Communications office locations worldwide.
SustainabilityTata Communications adopts a holistic approach and harnesses the power of new-age technologies like 5G, IoT and AI to build a sustainable digital world.
FAQCheck out our FAQs section for more information.
BoardHave a look at our board of members.
ResultsFind out more about our quarterly results.
Investor PresentationsFollow our repository of investor presentations.
FilingsGet all information regarding filings of Tata communications in one place.
Investor EventsAll investor related event schedule and information at one place.
GovernanceAt Tata, we believe in following our corporate social responsibility which is why we have set up a team for corporate governance.
SharesGet a better understanding of our shares, dividends etc.
SupportGet all investor related contact information here.
Oracle
Amazon Web Services
Microsoft
Google Cloud
IBM Cloud
Salesforce
Alibaba Cloud
Digital Futures
Smart Cities
Corporate Venturing and Innovation
