Let’s Talk About Securing The Industrial Internet of Things

Increased deployment has made IIoT infrastructure an attractive target for attacks.

popularity

What is the IIoT?
Objects, sensors, actuators and controllers that were once designed for stand-alone operation are now increasingly connected by means of intelligent software and networks – forming the basis of the Industrial Internet of Things (IIoT). To be sure, GE defines the IIoT as “a network of a multitude of devices connected by communications technologies that results in systems that can monitor, collect, exchange, analyze, and deliver valuable new insights.”

The IIoT spans multiple industries including power and energy, oil and gas, manufacturing, chemical plants, healthcare, and aviation. As expected, the widespread global deployment of IIoT infrastructure has provided an attractive platform for targeted attacks by cyber criminals and other unscrupulous operators.

Attacks against IIoT infrastructure
Attacks against IIoT devices and infrastructure may be motivated by a number of factors such as corporate espionage or sabotage, financial gain (ransomware), political activism, or personal grievances. It is important to emphasize that an attack executed by a state or terrorist group against a sensitive IIoT target could potentially have a wider environmental impact than anticipated.

For example, in 2016 malicious attackers digitally infiltrated the Kemuri Water Company (KWC) using SQL injection and phishing techniques (note: the real company name has been withheld by Verizon). According to various media reports, the hack exposed KWC’s aging AS/400-based operational control system, with login credentials for the AS/400 stored on the front-end web server. This system – connected to the internet – managed programmable logic controllers (PLCs) that regulated the valves and ducts controlling the flow of water and chemicals. As Gartner’s Susan Moore confirms, the attackers managed to alter the levels of chemicals used to treat tap water, threatening the health and safety of affected citizens.

Cyber threats are primarily aimed at industrial control systems (ICS) such as distributed control systems (DCS), PLCs, supervisory control and data acquisition (SCADA) systems and human machine interfaces (HMI). Typical vulnerabilities include unsecured remote access, inadequate firewalls and an inadequate lack of network segmentation. Although malicious operators routinely target various segments of the manufacturing industry, data suggests that energy organizations are more prone to such attacks – which have steadily become more sophisticated over the years. Indeed, at least 75% of energy companies have confirmed one or more successful attacks over the past year.

The adoption of IP-based connectivity (used to communicate between multiple industrial devices) has significantly increased security risks, as has the growing use of sophisticated microprocessors in industrial equipment. This has made industrial control systems (ICS) one of the most vulnerable IIoT targets. Clearly, there is a real need for a turnkey Industrial Internet of Things security solution that can be easily implemented, maintained and upgraded to meet the evolving challenges of a dynamic IIoT threat landscape.

Securing the IIoT
More specifically, IIoT infrastructure should be protected by a comprehensive security solution (device-to-cloud) that does not disrupt operations, service reliability or profitability. A practical and simple, yet secure solution that can be easily and widely adopted by IIoT operators and their respective services is more effective than a ‘super solution’ that fails to gain serious traction. Such a solution should include the following capabilities:

Firmware integrity and secure boot: Secure boot utilizes cryptographic code signing techniques, ensuring that a device only executes code generated by the device OEM or another trusted party. Use of secure boot technology prevents hackers from replacing firmware with malicious instruction sets, thereby preventing attacks. Unfortunately, not all IIoT devices take advantage of chipsets equipped with secure boot capabilities.

Mutual authentication: Every time a smart actuator in the manufacturing floor connects to the network it should be authenticated prior to receiving or transmitting data. This ensures that the data originates from a legitimate device and not a fraudulent source. Mutual authentication—where two entities (device and service) identify each other—helps protect against malicious attacks. Cryptographic algorithms involving symmetric keys or asymmetric keys can be utilized for two-way authentication.

Secure communication (end-to-end encryption): Protecting data in transit between a device and its service infrastructure (the cloud). Encryption ensures that only those with a secret decryption key can access transmitted data. For example, a smart actuator that sends usage data to the SCADA must be able to protect information from digital eavesdropping.

Security monitoring and analysis: Capturing data on the overall state of the system, including endpoint devices and connectivity traffic. This data is then analyzed to detect possible security violations or potential system threats. Once detected, a broad range of actions formulated in the context of an overall system security policy should be executed, such as revoking device credentials or quarantining an IoT device based on anomalous behavior. This monitor- analyze-act cycle may execute in real time or at a later date to identify usage patterns and train the system to detect potential attack scenarios.

Scalable and agnostic: The Industrial IoT is still at a relatively nascent stage. As services mature and evolve, OEMs will modify their respective devices accordingly. This means the flow of data associated with various services will inevitably change to accommodate new revenue opportunities, along with an enhanced understanding of customer needs. Therefore, smart IIoT security solutions should be ‘future-proofed’ with flexible scalability to facilitate operability across multiple platforms and ensure an extended life-cycle.

In conclusion, the increased deployment of IIoT infrastructure has created an attractive target for cyber criminals and other unscrupulous operators. Industrial IoT security should therefore be viewed as a primary design goal, rather than a tertiary afterthought. To be sure, IIoT operators increasingly expect their devices to be protected out of the box, whether on the factory floor, in an electrical substation or a water treatment plant. However, IIoT device OEMs and operators need to be assured that securing the IIoT is not an insurmountable goal that negatively impacts routine operations, time to market or profitability.