From CableLabs: Cable's Role in Cybersecurity
The cable industry does more than just provide internet connectivity for millions of customers: it also plays an active role in driving security in the broader internet ecosystem. Cable operators have a long history of successfully defending against attackers seeking to steal service, customer data and video content. The cable industry has been protecting the delivery of high-value video content for over 30 years through technology that has never been breached in a successful, scalable manner. Moreover, the industry has been setting fundamental broadband security features through cable internet access standards for over 20 years to ensure the confidentiality, integrity and availability of cable broadband services globally. As the details and motivations of attacks continue to evolve, so does the security incorporated by cable operators.
Of particular focus for CableLabs is the urgent need to address the risks associated with insecure internet-connected devices (“Internet of Things” or “IoT”). IoT represents the next major axis of growth for the internet. But, without a significant change in how IoT providers approach security, the explosion of connected devices increases the risk to consumers and to the basic functionality of the internet. The consensus forecast has the number of devices connected to the internet doubling (or more) between 2016 and 2020. To the extent these devices do not contain sufficient security, the number of potential attack vectors will multiply rapidly as IoT proliferates.
A Comprehensive Approach to Addressing Insecure IoT
A combination of mitigation and prevention is necessary to fully address the current and emerging threats posed by insecure IoT. The cable industry recognizes that addressing these security risks (e.g., botnets) is a shared responsibility across the entire internet ecosystem. To this end, cable operators have invested substantially in developing and deploying measures to reduce the risks associated with insecure IoT, including DDoS and other botnet attacks, with a primary focus on protecting networks to ensure the availability of broadband service.
Cable industry efforts to improve measures that seek to mitigate attacks against their networks and their customers include both individual and collaborative measures:
- The development and advancement of compromised-device detection and identification systems
- Customer notification and remediation programs
- Distributed denial of service (DDoS) monitoring and mitigation systems
- IP-address spoofing prevention technologies and cybersecurity information sharing systems
In addition to maintaining and expanding these existing techniques, CableLabs and cable operators are also working on next-generation networking technologies to help reduce these risks.
Although Internet Service Providers (ISPs), including cable operators, have been working on mitigating the effects of compromised and insecure devices for more than 15 years, these efforts ultimately only address the symptoms and not the root cause of the problem. The challenge of this task has already begun to outpace current and anticipated techniques. Unfortunately, IoT providers have not generally incorporated the needed security measuresor committed to maintaining the security of their IoT devices. To fully address the risks posed by insecure IoT devices, IoT providers must drive increased security into future connected devices. Preventing compromised devices must be a substantial part of the industry’s shared responsibility in addressing the risks posed by insecure IoT to consumers and the internet.
Increasing IoT Security through an Industry-Led, Standards-Based Approach
Industry-led standards represent the most promising approach to increase IoT security. Given the global and constantly evolving nature of threats, the industry must utilize its expertise with a goal to develop, adopt and enforce fundamental IoT security measures. To achieve the needed level of security, an IoT security standard must address:
- Device identity
- Authentication, authorization, and accountability (onboarding)
- Lifecycle management
- Future (upgradable) security
A robust technical standard is necessary, but not sufficient. To establish value and credibility in the marketplace, an open and balanced development organization must be established to ensure due process and consensus, drive widespread adoption of the standard, address the intellectual property rights of participants and ensure conformity through strong certification testing and enforcement of the standard.
To this end, CableLabs and a number of cable operators are actively engaged in the Open Connectivity Foundation (OCF). The OCF is an industry effort to develop an open specification to enable connected devices to securely communicate with one another regardless of manufacturer, operating system, chipset or physical transport. OCF membership is broad-based with over 300 members, including leading companies at all levels of the IoT space – silicon, software, platform and finished-goods. CableLabs and Comcast hold board seats and CableLabs chairs the Security Work Group of OCF. In addition, CableLabs contributes to IoTivity, a Linux Foundation Collaborative Project sponsored by OCF, which provides an open source reference implementation of the OCF specification that will further enable broad adoption.
Engaging with the Broader Internet Ecosystem
CableLabs and the cable industry have enabled cable-based security technologies to be leveraged in the wider internet ecosystem, including in Wi-Fi hotspots, smart grid devices and medical communications, through CableLabs’ subsidiary, Kyrio. The cable industry also provides broad-based technology thought leadership on security through substantial contributions to the Internet Engineering Task Force (IETF), the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Wi-Fi Alliance and the Broadband Internet Technical Advisory Group (BITAG), among other leading technical bodies.
Broadband service continues to become more integral to economic activity and social connectivity. The number of connected people and devices continues to grow, as does broadband network capacity and performance. Security provides the fundamental trust that enables these trends, and as the internet ecosystem grows, all actors must make it a priority.