Mesh Networks: Little clouds, big risks

The Internet of Things (IoT) relies on connectivity; however, when it comes to connecting ‘things’ with low data traffic requirements, it’s not always cost-efficient , or necessary, to build large-capacity networks to serve them. Enter mesh networking, a configuration that uses dozens, if not hundreds, of nodes that communicate with each other to share a network across a large area.

However, with all its attributes, mesh networking poses significant risks, particularly if the network relies on unsecure radio or wireless connections, which is most often the case.

Where and how it’s used

Mesh networking is used to ensure reliable communication in constantly changing environments

Organisations that require extensive mobility for core operations use mesh networking to ensure reliable communication in constantly changing environments. They’re also used in factories to connect robots or quasi-independent automated machinery that require uninterrupted, low-level data connectivity, and in homes for a growing range of networked solutions such as smart heating, security and personal assistance.

What’s the downside?

There are a number of shortcomings and considerable risks associated with mesh networking that aren’t apparent with more tightly controlled cellular networks. These include:

  • Power: The spectrum supporting mesh networks is in relatively short supply and relegated to higher frequency bands such as 2.4GHz, 5.2GHz or 5.8GHz. Tapping these frequencies is power-intensive and, for ad hoc or remote solutions, raises issues with battery constraints. Mass-market (i.e., connected home) propositions are focused on lower spectrum bands, which require less power but offer less bandwidth.
  • Volume: Mesh topology doesn’t easily lend itself to transmitting large quantities of data, such as video; expanding the number of nodes is a solution, but can increase latency, which is a major risk to mission-critical activities.
  • Connectivity: Mass-market propositions developed by global players that use a constantly-updated operating system can sometimes result in a temporary loss of connectivity. This happened earlier this year when Google amended the cloud-based software powering its WiFi mesh routers, OnHub and Google WiFi nodes. When the update took effect, the cloud-based operating system no longer communicated with devices, effectively cutting their connection. While the error was quickly fixed, it highlights a risk to consumers who depend on always-on connectivity.
  • Security: The biggest risk is in enterprise and personal security. Each node in a mesh network represents a possible point of attack and a single stolen computer or account password would comprise the whole network. A hacked device could be repurposed to spread viruses throughout a mesh network; an infected computer could attack other computers within the network, infecting them as well, and causing a cascade effect known as Distributed Denial of Service (DDoS) that would slow the network down to the point of interoperability and cause significant damage to physical and software elements.

DDoSs are crude weapons used to cause maximum damage as quickly as possible. More insidious forms of attack via mesh networks are also possible, and could case far reaching problems that could go undetected for long periods of time. Compromised computers could be used to passively monitor traffic moving within the network, giving a hacker access to sensitive information such as login credentials and banking details. Hackers could easily dip in and out, sifting enough data for their immediate needs over time.

Large-scale mesh networks are generally deployed for ad-hoc or short-term use, giving would-be cyberattackers little time to identify weak links

Less passive, but equally difficult to detect incursions are possible if a compromised computer is used to modify sent data and disrupt the passage of information, preventing end-users from receiving key data. Variations of this approach see compromised devices blocking only selected data, giving the impression that the computer and network are working normally and allowing the hacker to gradually amass valuable information.

Fortunately, large-scale mesh networks are generally deployed for ad-hoc or short-term use, giving would-be cyberattackers little time to become aware of the opportunity to identify weak links. Although a number of cybersecurity firms and professional hackers have developed viruses that –under laboratory conditions – demonstrate the potential to disable city-wide smart grids, no verifiable real world attacks have been reported so far.

What are some best practices to mitigate risk?

Businesses that are setting up enterprise-class mesh networks for the long-term should ensure that designated primary access nodes are equipped with antivirus and security software and periodic checks on data flows are carried out. Best-in-class IT risk management practices should be implemented for mesh networks and risk awareness heightened among employees to ensure an up- to-date enterprise risk culture is in place. The ‘insider threat’ is real; access policies should be enforced, preventing use of unsecured devices such as flash memory and smartphones.

For consumers using mesh networking in their home, factory-set passwords should be changed once the device has been installed, and those passwords should be updated regularly to avoid a potential security breach.


Learn more about comprehensive cybersecurity from Willis Towers Watson.

About Fredrik Motzfeldt

Fredrik is the Regional Industry Leader for Willis Towers Watson in Great Britain.  Fredrik has more than 26 years…
Categories: Cyber Risk | Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *