In the past, military tanks and weapons were measures of a country’s power. Today, digitalisation efforts have become the ‘weapons’ of the 21st century, and nations compete to be the smartest.

But countries face an entirely different battleground with today’s digital weapons. Singapore, for one, has set out to equip all of its 110,000 lamp posts with a network of wireless sensors and cameras, which can introduce cyber vulnerabilities.

“As leaders look to accelerate digital adoption in their community, it is crucial that they take the necessary measures to mitigate the corresponding increase in cybersecurity risks,” says Joanne Wong, Vice President of International Marketing, APAC and EMEA, at LogRhythm.

Wong shares how LogRhythm’s Security Information and Event Management (SIEM) technology has helped Singapore secure its network of lamp posts against increasingly complex cyberattacks.

The dangers of digitalisation

With sensors and cameras, Singapore’s lamp posts will be more than just light sources — it will detect and monitor changes in environmental conditions, track vehicle speeds, and possibly incorporate facial recognition.

But the cameras and sensors serve as countless access points, widening the threat landscape. “As more devices go online and are connected to one another, so will the number of threat vectors amplify,” says Wong.

While such IoT devices can help countries advance their digital ambitions, they are often designed independently and lack built-in security capabilities, says Wong. Malicious actors may exploit these vulnerabilities to take control of lamp posts and spread malware, or gain access into the network to obtain critical data.

Back in 2016, a malware known as Mirai infected vulnerable IoT devices before carrying out an attack that left websites such as Twitter, Netflix and Airbnb inaccessible. “These cyber attacks could ultimately have a national or global impact, given how these devices are integrated into the physical infrastructure and linked to global networks,” says Wong.

LogRhythm believes that cybersecurity and digitalisation go “hand-in-hand”, says Wong. “Considering the immense amount of citizen and urban data collected from these smart lamp posts, it is critical to ensure these IoT devices are backed by a security solution that could protect the integrity of the data.”

Using SIEM for security

With the looming security threats, Singapore implemented LogRhythm’s SIEM solution to secure its smart lamp posts at one of its security operation centres (SOC).

Activity around the cameras, sensors, cloud network, servers and the SOC’s workstations were integrated onto the NextGen SIEM platform. This enabled the security team to monitor the entire network and detect anomalous activity in real-time, says Wong.

Soon after implementation, the security team already started to detect and mitigate threats targeting the network, says Wong. The solution has given security teams complete visibility through a single platform, enabling them to identify high-risk activities in the network and corroborate threat indicators, she adds.

The SOC team also needed to automate and remediate threats given the volume of devices and network activity that require round-the-clock monitoring. The SIEM’s automated incident response allowed security analysts to “zero in on the right alarms with speed, whilst cutting down on time spent on addressing false positives,” Wong says.

LogRhythm’s SIEM platform is also equipped with machine learning and artificial intelligence. Its Machine Data Intelligence Fabric provides security analysts with critical context from captured log data. This way, the SOC team’s search and analytics, and detection and response become way more efficient and accurate.

Security analysts can also quickly blacklist global IP addresses trying to breach the server with the help of LogRhythm’s Threat Lifecycle Management tool.

Within two weeks, the SIEM solution ingested data from the smart cameras and custom device management system. It also successfully monitored and secured data from over 200 disparate log sources, saving the SOC 200 working days.

“Altogether, the SIEM technology has empowered the team to confidently safeguard citizens’ data, and put a hard stop to any suspicious user activity,” says Wong.

Next steps

With the successful deployment of the NextGen SIEM platform in phase one, LogRhythm is confident that it is “taking steps in the right direction when pursuing digital innovation”, says Wong. It is critical to instill public confidence that the data collected is properly safeguarded, she adds.

LogRhythm is in the midst of planning for phase two of the project, Wong says, and will continue to work closely with the team to understand their considerations and offer relevant cybersecurity solutions.

Being the first-of-its-kind in Singapore, the smart lamp post project plays an important role “in demonstrating how digital transformation can, and must, go in tandem with cybersecurity measures, says Wong.

“As we continue to embrace the era of ‘Smart Everything’, we recognise that we cannot truly be ‘Smart’ without being cyber secure — our reliance on technology cannot leave us vulnerable and helpless to threats,” Wong emphasises.

Cybersecurity a shared responsibility

The rollout of 5G and emerging technologies like artificial intelligence and blockchain are opening up new opportunities for cyber criminals, says Wong. So, governments need to be more deliberate in investing resources to strengthen their cybersecurity posture.

Australia, for example, has committed to increase their cybersecurity budget to $1.6 billion to invest in critical infrastructure and boost community awareness. Singapore, on the other hand, has partnered with the private sector to safeguard the nation’s critical sectors.

That said, cybersecurity is also a “shared responsibility among businesses and individuals”, Wong maintains. “While the government should take the lead and provide guidance on best practices, organisations and individuals must take ownership of their own data and adopt good cyber hygiene practices as well.”  

Innovating to stay ahead

With novel and complex attacks on the horizon, “current approaches to cybersecurity and existing IT resources and capabilities must therefore evolve as well,” says Wong.

LogRhythm has an aggressive innovation roadmap to support security professionals in tackling the sophisticated threat landscape. The team constantly looks to enhance the platform by introducing new developments and upgrades, Wong says. LogRhythm Labs also conducts research on emerging threats to help organisations stay ahead.

On top of that, the company runs hackathons twice a year for engineers to work together and let their imagination run wild. Engineers may create new innovations that could potentially become security solutions, Wong says.

Lastly, LogRhythm conscientiously takes customer feedback into account. “In fact, several of our innovations are derived based on actual customer feedback,” Wong reveals.

Armed with a mindset of innovation and cutting-edge security technology, LogRhythm is well positioned to protect Singapore’s smart lamp posts from the host of vulnerabilities that lie ahead.

This is a contributed article by LogRhythm, a sponsor at the upcoming OT-ISAC Virtual Summit 2020 taking place on 10 September. For full info, please visit https://www.otisac.org/ot-isac-summit-2020