In recent years, the manufacturing industry has gradually become one of the most active users of the Internet of Things. This technology brings digital innovation to the production floor, allowing manufacturers to increase efficiency, deliver higher quality products, and optimize resource management. Now, the Internet of Things has become a strong differentiating factor in this technology-intensive industry.
The COVID-19 pandemic has revealed another key advantage of the Industrial Internet of Things – making manufacturing companies more resilient to crises. In the context of isolation and economic turmoil, the development of the Internet of Things has played an extremely important role in ensuring the continuity and cost efficiency of business operations as well as the safety of workers at the production site.
This makes the Industrial Internet of Things (IIoT) the best solution to prevent similar emergencies and compensate for production outages, something many manufacturers are already realizing. Therefore, despite the current post-pandemic economic recession, the industrial IoT market is expected to see steady growth soon, reaching $263.4 billion by 2027, according to Meticulous Research.
But the road to connectivity is more difficult than ever. Throughout the pandemic, as commercial IoT systems have been made vulnerable by the shift to remote working and the resulting lack of control, there has been an increase in cyberattacks, many of which are novel. In addition, Kaspersky’s 2020 Industrial Cyber Security State Survey Report shows that 24% of manufacturing companies expect to reduce their security budget after the crisis. These factors, combined with the ongoing trend to view IoT security as an afterthought, make post-crisis IIoT projects or expansions of existing systems a high-risk undertaking.
In this scenario, the security of existing or potential Industrial Internet of Things (IIOT) systems will become the most pressing issue on manufacturers’ agendas. We’ve designed a detailed strategy to help industrial company owners and chief security officers safely navigate an Industry.0 environment of human-machine interfaces and smart devices.
1. The main culprit of industrial IoT security gaps
Let’s take a look at the vulnerabilities of Industrial IoT systems and how hackers can use them to gain a foothold in industrial networks.
1. Poor device and endpoint visibility
The lack of real-time visibility into connected devices, sensors, endpoints, their configuration and compliance may be an ever-present security challenge in the IoT space. According to the 2019 Panaseer Security Leaders Peer Report, even today with the proliferation of IT monitoring technology and rising security awareness, 20% of enterprises still regard IoT devices as the least regulated assets.
Clearly, such gray area devices are bound to fall victim to attacks. But how did a production company end up in the darkness of IoT networks? The reasons vary.
An enterprise may expand its networking infrastructure at such a rate that certain devices are excluded from inventory records due to neglect. Other manufacturers tend to forget about devices deployed decades ago that are almost never used but can still access the Internet. Some IT departments simply lack the tools or resources to monitor many connected assets, while other IT departments fail to correctly group their IoT networks appropriately, allowing some devices to slip through the cracks.
In industrial environments, the consequences of poor device and endpoint visibility are particularly severe. If malware gains control of unmanaged and unprotected connected devices, it not only blocks critical production data, but also jeopardizes final product quality, cripples production lines, causes supply chain delays, and even jeopardizes workers’ lives. Safety. Thus, something as simple as neglect can result in huge losses of property and reputation.
2. Ready-made settings
For many Industrial IoT owners, sticking to the default settings of connected devices is another danger. On the one hand, device manufacturers rarely use complex credentials, which makes them easy to detect in brute force attacks. Additionally, manuals containing initial configuration and passwords for the device may be online and end up in the hands of hackers. Thus, through ignorance or neglect, companies may leave their systems vulnerable to compromise.
The most notorious IoT device security threat today is Mirai, a botnet that has been severely damaging high-profile systems since 2016. This malware is simple: it scans the Internet for open devices and attempts to log in using common login password combinations. If successful, Mirai will hijack the device and continue to control the entire network.
During the pandemic, new Mirai variants emerged that target vulnerabilities related to remote work, such as webcams, modems, and routers. Because these devices are widely used by many manufacturers to remotely monitor production lines, failure to maintain them can become a serious vulnerability.
To protect your system from such attacks, it is necessary to change existing device credentials and settings before the system is put into normal use. Another good practice is to restrict access to connected devices to outsiders and junior personnel to minimize the risk of intentional and unintentional configuration or password resets.
3. Outdated software
For efficient, sustainable and secure Industrial IoT networks, up-to-date software and device firmware are key requirements, but not all companies successfully maintain this. On the one hand, typical Industrial IoT systems are complex and fragmented, and keeping track of all updates, upgrades, and patches and implementing them in a timely manner is a daunting task for a medium-sized IT department. In addition, in many cases, connected equipment may be out of service or not working properly throughout the upgrade process, and for some production lines, even brief downtime can cause disruptions.
Faced with such challenges, many Industrial IoT owners choose to postpone updates indefinitely. At the same time, outdated software and firmware lack associated protection mechanisms, critical patches and vulnerability fixes, leaving networking infrastructure vulnerable to the latest malware designed to exploit this vulnerability.
This year, for example, leading cybersecurity firm TrapX reported that it had discovered new Lemon Duck malware that targeted manufactured IoT devices using Windows 7 that had out-of-date updates and caused them to malfunction. When it comes to industrial devices, their operating systems are difficult to upgrade, and in some cases, owners have no choice but to replace the device with a new pre-installed operating system version.
In addition to security vulnerabilities, using outdated IoT software can lead to increased crashes and system downtime, lower productivity, and increased maintenance workloads. All this makes saving outdated firmware unprofitable.
4. Ineffective data security strategy
For industrial companies, the data generated by the IoT is not only sensitive but also part of the business secrets that cybercriminals typically seek. Verizon’s 2020 Data Breach Investigations Report found that extortion and industrial espionage were two central motivations for attacks within the manufacturing industry.
Realizing this, Industrial IoT adopters have strengthened the security of their software and firmware to avoid attacks. Amidst all these approaches, unfortunately, the protection of the data generated by the Industrial IoT itself is often overlooked.
The 2020 Unit 42 IoT Threat Report states that up to 98% of IoT device communications are unencrypted and transmitted in plain text within the connected ecosystem. So, if an attacker manages to penetrate an Industrial IoT network (which, as mentioned above, can happen despite security measures), confidential data from sensors, endpoints, and wearables will be there exposed and easy to collect.
In April 2019, a hacker group used this typical security oversight to conduct a large-scale espionage operation. They targeted vulnerable IoT devices at hundreds of organizations, ranging from government agencies to industrial companies, to gain access to their systems and then capture network traffic.
Given the devastating consequences of trade secrets being made public, manufacturers should be more secure than sorry and make device communication logs and transaction encryption a mandatory security measure.
5. No segmentation
Another common mistake among Industrial IoT adopters is failing to logically partition their networking environment into smaller groups of devices and subnetworks. Flat, unsegmented Industrial IoT networks are easier to maintain and manage when scaled down, but this is where it comes in handy. In the long run, such infrastructure will become a hassle and a fatal flaw that undermines corporate network security.
On the one hand, an unsegmented Industrial IoT network is a large attack surface, so a single vulnerability is enough to allow malware to access the entire network. In addition, inventorying a huge industrial IoT environment is a complex undertaking that includes many devices of varying service ages, standards, and uses, so security flaws and potential hazards may go unnoticed due to human oversight. (Source: IoT Home Network) In addition, as the system expands, it gradually becomes difficult to install new devices into a complex security architecture and ensure its end-to-end maintenance.
Physical segmentation using firewalls was once a common practice for protecting Industrial IoT networks, but recently, virtual segmentation using VLANs and ACLs has become a more effective approach. Due to the massive scale of Industrial IoT, implementation and maintenance of a complete level of internal firewall architecture proves to be very expensive and complex. Micro-segmentation, in turn, is not only a cheaper and simpler solution, but also allows for more flexible and granular grouping of devices.
2. Industrial Internet of Things Security Strategy
Recently, the Industrial Internet of Things has become one of the favorite attack vectors for hackers. Now, manufacturers must thwart new and evolving malware injections, while also addressing vulnerabilities created by legacy hardware and software, poor infrastructure, and the recent shift to remote work.
A holistic solution for IoT security is the only way to stay protected and productive during these tumultuous times. These principles will help industrial companies choose a sustainable and comprehensive industrial IoT security strategy.
1. Take necessary measures
Paying attention to IoT security fundamentals is the first step in protecting your connected industrial environment. Although these methods may seem simple, they can still easily and effectively protect the industrial IoT from the most common security applications or minimize the negative impact of vulnerabilities. Additionally, they serve as a solid foundation for more advanced safety controls you may choose to adopt.
Here are best practices worth introducing into your Industrial IoT environment:
Segmented IoT Network
Introducing two-factor authentication
Encrypt device communications
Manage user access to data and smart devices
Filter outbound and inbound network traffic
Implement real-time security monitoring system
Install software patches and updates promptly
2. Improve industrial IoT security awareness
Manufacturers improve employees’ safety awareness. In such a hyperconnected environment, system security and integrity will become joint responsibilities, and a lack of employee understanding of IIoT architecture, devices, and data storage will sooner or later lead to unintended security breaches.
Therefore, to safeguard your future implementation, be sure to provide all employees with adequate information about the Industrial Internet of Things, its operations and vulnerabilities, and explain the security principles your company embraces. In addition, employees are educated on common sense safety measures and trained to identify safety threats.
Cybersecurity training should not be a one-time activity. With every system integration or strategic change, safety incident or new risk factor, employee knowledge needs to be updated. Last but not least, don’t forget to make IoT security training a part of employee onboarding.
Regularly evaluate the Internet of Things
Through routine security testing, Industrial IoT owners can stay informed about the security status of their connected ecosystem, identify any existing vulnerabilities and potential threats, and address them before they disrupt operations.
Penetration testing is a white hat hacking method in which quality assurance experts simulate malicious attacks on the Industrial IoT. It is particularly useful for revealing hidden vulnerabilities in device firmware and embedded software, which proves defense mechanisms. feasibility. In addition, companies can directly conduct risk analysis to identify weaknesses in their IoT system architecture, enabled devices, APIs, and protocols that may ultimately become security vulnerabilities.
3. Adopt an incident response strategy
After all, if a security breach occurs, IoT-powered manufacturing companies need enterprise action plans to address it quickly and efficiently. First, it should include instructions for IT security teams on how to identify the threat and its origin, isolate the affected area from the rest of the connected ecosystem, assess the damage, and manage the incident. In addition, the strategy should include guidance for employees, detailing how they should continue working during and after a security emergency.
It is also useful to include retrospective analysis of the incident so that security experts can understand the significance and root cause of the incident and take thoughtful steps to avoid recurrence.
Related keywords: network IO controller