Info Image

Irdeto: CPE Security Key to Cyber-Resiliency for Operator Broadband Services

Irdeto: CPE Security Key to Cyber-Resiliency for Operator Broadband Services Image Credit: Irdeto

With Asia Tech x Singapore 2021 around the corner, The Fast Mode spoke to Norbert van der Laan, Lead Cyber Forensics of the Cyber Security team at Irdeto in a brief interview on the vendor's plans and showcases for this year's event. Irdeto is a global provider of digital platform security, protecting platforms and applications for video entertainment, video games, connected transport, connected health and IoT connected industries. Representing Irdeto, Norbert shares his expectations of the event, as well as his outlook for the future of the CPE market, particularly CPE security.

Are you looking forward to Asia Tech x Singapore? What are you expecting from this year's event?

We look forward to Asia Tech x Singapore, since it’s the first time that multiple facets of technology advancement are integrated into a single flagship event. We expect to share and exchange Irdeto’s experiences in digital platform security as well as:

  1. Have conversations with broadcast, OTT operators, communication operators, as well as internet service providers.  
  2. Learn and share our observations on the fight against piracy and on revenue protection - at BroadcastAsia.
  3. Explore more business opportunities and position ourselves as a trust-worthy technology provider in this market.

What's your showcase theme this year, and what are the key technologies you will be exhibiting/discussing?

In our BroadcastAsia presentation, we’ll discuss how broadcasters can be more cyber-resilient while in our virtual booth, we’ll demonstrate Irdeto’s security solutions including Multi-DRM, Watermarking, Android TV and Trusted Home solutions.

For operator broadband services, what are some of the trends you see in the CPE market and how important is enhanced CPE security in protecting subscriber homes and enterprise data infrastructure?

As the average number of connected devices per home increases, consumers are putting rising amounts of sensitive data in the hands of their Internet Service Providers. From banking credentials to smart locks to security cameras and medical monitoring, they rely on broadband that’s not only fast and reliable, but also secure. At same time, we see that as the growth of the broadband market slows down, ISPs are increasingly looking to transform their broadband CPE into an application platform that delivers exciting and new in-home services that can generate a new revenue stream. But these advances bring increased risk to both ISPs and their subscribers. CPEs can be attacked from the open Internet and by unsecured IoT devices within the home. Hijacked or spoofed routers are a real risk to sensitive data, quality of service, the operator’s core network and their brand. An estimated 75% of all IoT attacks can be traced back to infected routers (Symantec 2019). Operators need to be, more than ever, vigilant over the security, resilience, and recoverability of their CPE.

But the CPE and smart devices in the home are only one part of the story. As video and broadband networks and IT systems become more intertwined, operators needs to protect all elements on their network and consumer facing apps from cybercrime. Cybercrime is a growing, highly successful and profitable industry. Cybercrime costs are estimated to grow by 15% per year, reaching US$10.5 trillion by 2025. A major component of this is ransomware. And COVID-19 has added fuel to the fire. Since the start of the pandemic, ransomware attacks have increased by nearly 500%. And at the same time, the average ransom payment has also gotten bigger (up 43 per cent from the last quarter of 2020 to an average of over US$200,000). What is even more worrisome is that these are not one-off ransom demands. Given that these typically involve a breach and extraction of company data, these ransomware attacks come with threats to release this data unless additional payments are made. In the first quarter of 2021 alone, over 75% of ransomware attacks were tied to such a threat.

Catastrophic loss of revenue and reputation can result when breaches interrupt connectivity, expose subscriber data, or leave the ISP’s own infrastructure open to attack. Threats will only increase as ISPs roll-out smarter CPE to act as an application layer and deliver new revenue-generating cloud services and as the lines between IT systems and network operations continue to be redrawn with information moving between them. Forthcoming IoT legislation in many markets could soon force operators to demonstrate measures to mitigate this risk and ensure recoverability from attacks.

Author

Lead cyber forensics in the cyber security team at Irdeto. Ten years of hands-on cybersecurity experience  in various consultancy roles. Manages investigations into major pirate operations and liaises with law  enforcement by providing forensic support and evidence and as an expert witness. Has performed  in-depth security assessments on video infrastructure for key operators and provided them with a  pragmatic plan on how to improve their overall cyber defence against rising content security threats.  This provides a unique view on what type of cybersecurity challenges the media sector is facing.

PREVIOUS POST

Are Online Scams Harder to Detect in a COVID World?

NEXT POST

NTT AT at AsiaTech x Singapore 2021: Optical Backhaul Networks to Power the 5G Future