Smart cities will help both the private and public sector excel in many areas, but as helpful they are, they also come with many security risks. PERRY HUTTON, Regional Vice President – Africa at Fortinet, outlines five security areas CIOs need to watch out for.
Car navigation systems that can predict where and when traffic jams might occur, by siphoning data from sensors in roads and other vehicles. Cameras that can spot litter in public places and call in the cleaning crew. Self-adjusting street lamps.
These are just a few of the scenarios that could become commonplace as smart cities take hold over the next few years. Driven by rising urbanisation and fuelled by technologies such as the Internet of Things (IoT) and data analytics, smart cities are on the cusp of explosive growth. Glasgow, Barcelona, Nice, New York City, London and Singapore have already embarked on the trek. The smart city technology market could be worth US$27.5 billion annually by 2023, according to Navigant Research.
Smart city initiatives are driven by public sector initiatives. However, they will have a big impact on businesses. CIOs will have to learn how to tap on the new connected city infrastructure for their business. Smart city technologies like IoT and data analytics are expected to drive innovative business ideas in the future.
But the new wave of smart city services and technologies are also expected to create new security vulnerabilities. Here are five areas CIOs should watch out for.
1. A further fragmentation of IT
The last few years saw a rapid proliferation of cloud services and mobile device adoption in the workplace. The trend has transformed business productivity. But it has also wrecked the tight-fisted control that CIOs used to be able to exert on their IT systems.
CIOs now have to grapple with the idea of employees using unsanctioned cloud services via unsecured phones to hook up to corporate servers and accessing sensitive business data. The expected explosion of IoT devices − researchers estimate that by 2020, the number of active wireless connected devices will exceed 40 billion worldwide − will result in a further fragmentation of IT in businesses.
Instead of fighting the losing battle of trying to lock down devices and services, CIOs should look at protecting the data. Look for IoT devices that offer device-to-device encryption. Consider implementing − as well as bolstering − comprehensive encryption schemes to protect data in networks, cloud services and endpoint devices.
2. Device vulnerabilities
In the past year, security researchers have exposed holes in Wi-Fi-enabled Barbie dolls, Jeep Cherokee cars, fitness trackers and other new-fangled connected devices. Fortinet’s FortiGuard Labs already see IoT based attacks on the radar and happening in real time around the world. This shows the risks that are coming as toys, wearables, cars and power grids get attached to sensors that are linked to a common network and the Web.
IoT will bring forth a larger surface attack. Hackers will eye IoT devices as a launching pad for ‘land-and-expand’ attacks. One scenario: hackers take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect.
So how do CIOs protect against the risks of connected devices and their own IoT implementations? Short of physically separating such devices from all other network systems, they can consider deploying network-based protection schemes. Internal segmentation firewalls, or ISFWs, for instance, can mitigate the proliferation of threats inside the business network. They also need to employ an IoT network security solution which is capable of mitigating exploits against this growing and vulnerable attack surface. IoT vendors need to harden their products and develop proper product security (PSIRT) teams.
3. IoT gateways can be exploited
In a typical IoT deployment, the majority of connected devices will be always connected and always on. Unlike mobile phones and laptops, such devices are likely to go through only a one-time authentication process across multiple sessions. This will make them attractive to hackers looking to infiltrate into company networks, as it allows easy control and sniffing of traffic. Shoring up the security of the gateways that connect IoT devices is therefore a must. CIOs should map out where these gateways are and where they are linked to − they can reside internally or externally, and even be connected to IoT device manufacturers. There must also be a sound plan for updating security patches on these gateways, as well as the IoT devices.
4. Big data, more risks
If there is a constant in smart city deployments, it is that more data will be generated, processed and stored. Connected devices will generate huge data repositories. Businesses that adopt big data systems will see an even larger data deluge. Unfortunately, such data will also become attractive targets for corporate hackers. To protect huge amounts of data with large inflows and outflows, the bandwidth capabilities of security appliances will come to the fore. And when dealing with data analytics, it often isn’t just a single data set, but multiple repositories of data that may be combined and analyzed together by different groups of people. For instance, a pharmaceutical company’s research efforts may be open to employees, contractors and interns. This means individual access and auditing rights.
5. A new can of worms
New worms designed to attach to IoT devices will emerge − and they could wreak more havoc given the extended reach of the new converged networks. Conficker is an example of a worm that spread on PC’s in 2008 and is still persistent and prevalent in 2016. Likewise, worms and viruses that can propagate from device to device can be expected to emerge – particularly with mobile and the Android operating system. Embedded worms will spread by leveraging and exploiting vulnerabilities in the growing IoT and mobile attack surface. The largest botnet FortiGuard labs has witnessed is in the range of 15 million PC’s. Thanks to the internet of things, this can easily reach in excess of 50 million if the spread of IoT worms is not properly mitigated. Patch management, and network based security inspection – particularly intrusion prevention systems or IPS – that can block IoT worms is a must.
How to create an esports team
2018 was a landmark year for South African esports as one of the country’s best teams took the battle overseas and made waves in the international scene. A year ago Bravado’s top Counter-Strike: Global Offensive (CS:GO) team relocated to Arizona in the U.S., a venture dubbed Project Destiny, where they used the opportunity to train as full-time professional athletes and conquer the best teams out there.
Project Destiny was a massive success. A year later and Bravado’s CS:GO team had carved a name for itself through several high-profile victories and invitations to top tier tournaments. Clearly this is not the end of the story and the team has been reflecting on the lessons and opportunities.
Team captain Dimitri “Detrony” Hadjipaschali helped lead Project Destiny and gleaned a considerable amount on what needs to go into an esports team.
Team for the right reasons
For aspirant pro players who want to up their game, pun intended, he advises starting at the basics: why do you want a team?
“In recent times, people want to create a team with no direct intention, not knowing if they want to do this casually and socially, or professionally. Doing this professionally requires risk. It depends on how much work and sacrifices are contributed to the cause of creating a team. Playing socially is fine, part-time, as many people do, but playing professionally and wanting to reach the top one day, purely depends on your dedication, motivation and intention.”
Put in the hours
Like any aspirant pro athlete, preparation requires hours of training. Bravado’s players all put in several hours of training daily, 7 days a week, and Project Destiny’s full-time pros worked multiple training sessions every day, usually in the morning and afternoon for 4 hours each, as well as competitive matches in the late evening.
But even Bravado members who are not full time still put in hours of training every day. Serious players need to find the time and build up their dedication because this level of performance is simply the bar set in esports. Said Dimitri:
“The general esports title or game a team competes in will require anything, if not more than, a traditional sport outside of esports would require to get to the top.”
Fortunately, you don’t have to go all-out from the start. Esports are tiered with the top players in the highest tiers. So there is space to cut your esporting teeth while making room for it in your life. But never forget that to be one of the best means no half-measures. In esports, you have to commit to win.
“A good team player is an individual who views his team as a single unit and not just himself as an ‘individual player’ in the bigger picture,” said Dimitri. “They put their team first and before themselves. This is the first main fundamental of a mindset required for a team player.”
Pro teams shouldn’t be mistaken for gaming clans, which are more casual and where gaming is a hobby. Even though they can be very competitive, clans mostly play for fun and entertainment, whereas a professional team is highly competitive with goals that it sets out to accomplish.
This is important because it helps the team members agree on the importance of those goals and the focus required. If you are not willing to show up every day to play the same game, partake in training exercises and learn from feedback, a pro career won’t work for you:
“Playing professionally requires aligned individuals where they share common goals and have equal intentions to realize what they want to achieve and what it takes to compete at a high level.”
Professional athletes aren’t created overnight. It takes many years of focus and dedication while also pursuing studies or working at a day job before someone manages to ascend into a paid career. Esports is the same and demands patience alongside dedication.
Esports teams amplify this requirement. While in Arizona, Bravado applied the maxim “Teams who work together win together.” Household chores were divided up between players, creating a sense of common responsibility. This repetitive reinforcement of team values is crucial for success, whereas impatience for a team to ‘click’ is a recipe for disaster:
“Often, teams do not achieve their desired results and achievements in the short run and immediately resort to a roster change. Or someone in the team is replaced without a completely valid reason. This underestimates the importance of sticking together to create synergy in the long run.”
He also added that using time smartly is perhaps even more important than the amount of time spent on training. The team under Project Destiny used a full-time coach who helped set routines, objectives and priorities:
“The mistake with teams struggling to improve these days is that they do not know and understand how to work with limited time, and how to do this best and constructively as possible. Often teams that aren’t at a top competitive level yet arrange bootcamps, but set the limited time they have with each other incorrectly, or rather not to the best potential.”
When Bravado embarked on Project Destiny, it aimed to put South African esports on the map and serve as role models for aspirant players in the country. By those measures, it has been a huge success and Bravado continues to grow and educate. Through the ongoing support of sponsors Alienware and Intel, Bravado continues its mission of creating esporting excellence and opportunity for South Africans.
Learn more at bravadogaming.com or contact Bravado’s players directly via their social media accounts.
Opera reveals SA browsing habits
Opera, one of the world’s major browser developers, and leader in AI driven digital content delivery and discovery, has released its State of Mobile Web 2019 report, revealing that nine out of ten people in South Africa use their mobile browser every day.
Other Key findings from the report include:
- Internet users in Africa use their browser to access social media domains such as Facebook, YouTube, Twitter and Instagram, followed by entertainment and search websites
- Opera News users in Africa spend 50% of in-app time watching videos
- South Africans pay six times more per gigabyte of mobile data than people in India
- Opera Mini saved users nearly 100 million USD in mobile data in 2018
The report reveals that the Opera mobile browsers and standalone news app were used by nearly 20 million internet users in Africa and by more than 350 million people globally in the first quarter of 2019. The State of Mobile Web 2019 report also shows that Opera experienced a growth of more than 26 percent of its user base year on year, compared to the first quarter of 2018 in Africa.
“We are thrilled to see that our mobile browsers and news app have grown by 25 million monthly users in the last year, ” said Jørgen Arnesen, Head of Marketing and Distribution at Opera. “The new Opera News app has led this positive growth, as well as the introduction of new features to our mobile browsers like built-in VPN and crypto wallet. The successful partnerships Opera has with major smartphone manufacturers in Africa have also contributed to this massive growth”.
The 2019 edition of the State of the Mobile Web report looked into the use of the Opera Mini browser and the Opera browser for Android, and it shows that mobile browsing is one of the most popular online activities among African internet users. For example, in South Africa, nine out of ten people use their mobile browser every day, an activity they prefer over the use of other applications like YouTube.
The report also revealed that on average, Africans using Opera spend more than 30 minutes browsing online each day. The most browsed category of websites was social media platform domains such as Facebook, YouTube and Instagram, followed by search engines like Google, and entertainment and sport websites.
100 million dollars saved on mobile data
In the State of the Mobile Web 2019 report, Opera gives detailed insight into the use of the data savings feature in the Opera Mini browser, and compares the average price of mobile data in 20 countries in Africa. The results revealed that the data compression mode in Opera Mini saved users nearly 100 million USD of data in 2018.
In this analysis, Opera also compared the costs of data in some African countries with the cost of mobile data in India and Germany. The outcome of this analysis showed that South Africans pay six times more per gigabyte of mobile data than Indians and almost the same price as Germans for one gigabyte of mobile data.
Rapidly changing news and video consumption landscape
The report takes a look at the trends of news and video consumption across Africa. This includes analyzing the usage of its standalone Opera News app, which grew from launch to over 20 million users in a period of one year. Categories like breaking news, local news, and entertainment were the favourites among users in the first quarter of the year.
Video content is also becoming more popular among people who use the Opera News app. The report shows that people spend 50 percent of in-app time inOpera News watching videos on Instaclips, the recently added video feature on the news app.
The usage of Instaclips keeps growing since its test launch in December 2018: in Q1-2019, Instaclips registered a total of 122,000 videos uploaded in different languages such as English, Portoguese, French, Arabic and Swahilli.
Expanding beyond browsing to fuel digital transformation
Opera’s commitment to digital transformation in Africa is ongoing. Beyond the development of its mobile browsers and standalone news app, Opera has made major investments on the African continent, expanding its services to other technology areas such as FinTech and digital advertising.
In 2018, Opera announced the launch of OKash, a fintech micro-lending solution that quickly gained traction among mobile internet users in Kenya. Today, OKash ranks among the most downloaded micro lending applications among Kenyans and its user base keeps on growing.
In May 2019,Opera announced the introduction of Opera Ads, a new advertising platform that allows media agencies and publishers to run more targeted marketing campaigns through the Opera platforms.
The full version of State of Mobile Web 2019 report is available to read online or for download by clicking here.