Safeguarding Industrial IoT: A rising security challenge – Part 1

Trevor Daughney, VP of Product Marketing at Exabeam

The Fourth industrial revolution has unleashed a myriad of opportunities for organisations eager to leverage a new generation of connected Industrial Internet of Things (IIoT) devices and reap the rewards of enhanced data sharing, operational efficiencies, and productivity, says Trevor Daughney, vice president of product marketing at Exabeam

Around the globe, cities are deploying innovative ‘smart’ technologies to connect everything from power grids to transport infrastructures in a bid to improve the quality of citizens’ lives. Healthcare is another sector that’s quickly adopting IoT technology to streamline care delivery and give patients more control over their treatment. Meanwhile, manufacturers are rapidly upscaling their smart factory investments, utilising everything from programmable logic controllers (PLCs) and embedded systems to IIoT devices in their production facilities.

As a result, connected operational technologies (OT) are rapidly becoming the backbone of modern commercial automation solutions, business operations and critical infrastructure. However, the rapid proliferation of such devices has opened the door to external security threats.

Indeed, a recent 2019 study by the Ponemon Institute reveals how OT environments used to run critical utilities like electricity and water are now top targets for cyber attackers looking to cause “severe” damage. With 54% of utility companies saying they expect an attack in 2020, the digitalisation of OT assets represents a clear and present danger when it comes to protecting critical infrastructure and initiating cyber resilience that works.

Similarly, according to a recent smart factory report by Deloitte and MAPI (Manufacturers Alliance for Productivity and Innovation) cyber threats now represent a growing menace for manufacturing companies looking to converge IT and OT across their operations.

The trouble with digital transformation

Until recently, the risk posed by the adoption of IP-based connectivity in industrial environments was largely overlooked. In the past, legacy control systems had specific functions and were often unconnected to other systems, which made attacks unlikely and difficult to achieve. This complacency resulted in the rise of the notion that industrial assets are immune to cyber attack if they are isolated from the Internet or other vulnerable corporate networks.

However, the infamous Stuxnet worm attack carried out on an Iranian nuclear facility proved a major wakeup call for industrial enterprises across a range of industries. Designed to bypass standard network security programmes, Stuxnet reprogrammed nuclear centrifuges to perform cycles that resulted in them disintegrating.

It was an attack that demonstrated how adopting IP-based connectivity between industrial systems also results in increased exposure to highly complex and sophisticated cyberattacks. Simply put, IIoT devices often have native integration with IP networks. While this helps to streamline operational tasks, it also means that everything else that’s connected is now a vulnerable soft target for global cyberthreats – in much the same way as standard IT devices.

Mind the security gap: the IT and OT disconnect

It’s not just IIoT devices that are being exploited within OT systems. Historically, cyberattacks have targeted IT assets that enable business operations, like computers and mobile devices, for data theft. However, cyberattacks against IT devices – including networks and systems that transmit or distribute power to an OT system – can be triggered to hijack the control systems that operate critical infrastructure. The result of such hacks will be physical damage, widespread outages, and the loss of operational data.

This poses a significant challenge for organisations where IT and OT leaders have, until now, operated in independent silos. A less than ideal scenario if organisations are leveraging IoT devices that need to be integrated to – and then managed – using existing IT network infrastructures.

The growing convergence of IT and OT security means every organisation needs to gain an integrated overview of global security aspects and vulnerabilities in a bid to prevent infiltration that could result in the destruction of critical infrastructure or data loss.

It’s time to apply industrial cyber security

From the automotive industry to smart cities and big pharma, organisations with IIoT and IT devices within their OT systems need to evaluate exposure and maximise their ability to quickly detect, respond to and mitigate attacks. However, providing device security can be challenging – especially since IIoT and IT devices are inherently different, and IIoT devices were never designed to integrate with security management tools. In my next article, I’ll explore these challenges together with the frameworks and solutions that organisations can apply to achieve industrial cyber security that works.

The author is Trevor Daughney, vice president of product marketing at Exabeam

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Surrey leads new £8 million FORT centre for advancing secure networks

Posted on: March 18, 2024

The Engineering and Physical Sciences Research Council (EPSRC) announced that Surrey’s 5G/6G Innovation Centre will lead a new £8 million Centre for Doctoral Training in Future Open Secure Networks (FORT). 

Read more

Protecting assets with LTE, NTN & 5G LPWA

Posted on: March 15, 2024

In this compelling piece, part of the Key Industry Insights Series, Analyst Robin Duke-Woolley of Beecham Research and Kevin Guan of Fibocom, explain how LTE Cat 4/1/1bis/M, NTN and 5G LPWA are working to change the game for protecting goods and supply chains with total, global coverage asset tracking for reduced losses and improved operations

Read more
FEATURED IoT STORIES

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more