How Secure is the Industrial Internet of Things (IIoT)?
The average person thinks about the Internet of Things, or “IoT,” in terms of day-to-day consumer devices such as smart TVs, connected appliances, fitness tracking wearables, and more recently, cars. A new forecast from International Data Corporation (IDC) estimates that there will be 41.6 billion connected IoT devices generating 79.4 zettabytes (ZB) of data in 2025.*
The “industrial Internet of Things” (IIoT), which includes Industrial Control System (ICS) devices such as electrical utility transformers, water system pumps, chemical plant sensors, and pipeline pressure valves, gets far less attention, and thus may represent an even greater cybersecurity risk. While attacks against consumer devices such as smart fridges might cause some inconvenience (e.g., your refrigerator quits working and some food goes bad), attacks against IIoT devices can lead to disastrous widespread effects including loss of life (anyone remember the 2015 attacks in which hackers shut down power in a region of Ukraine?).
In the past, industrial devices were mainly controlled through cordoned-off operational technology (OT) networks. Today, more and more IIoT devices interconnect with Information Technology (IT) networks that have access to the Internet. Interconnection between OT and IT networks results in improved operational efficiencies since centralized staff can monitor and control large numbers of ICS devices remotely, but greater access opens the door to potential intrusion into previously isolated IIoT devices.
ICS and other industrial devices may be more vulnerable than consumer or enterprise IT counterparts. These devices also have much longer life cycles, so many are running very old operating systems that cannot be patched with protections against current security threats. Last but not least, slow proliferation of devices over time means records of what is currently deployed may be far from complete.
The net result is that IT departments newly tasked with managing and securing OT devices are blind to what needs to be secured and whether it’s being attacked. ZDNet writes, “If IIoT products haven't received updates, or are still equipped with default passwords and login credentials, they provide attackers with an easy backdoor into networks that are already known to be lucrative targets when it comes to confidential data.”
IT and OT teams must work together to bridge the visibility gap as quickly as possible. For devices such as laptops and servers, IT departments typically deploy hardware and software – malware analyzers, intrusion prevention/detection systems (IPS/IDS), security analytics solutions – to detect and mitigate security threats. Such security solutions are fed network packet data through network visibility solutions that send a complete copy of network, device, and application communications for analysis.
Intelligent network visibility delivers exactly the right data to each analysis tool without relying on end devices such as laptops and servers to monitor security. Network visibility collects and aggregates network data, providing access to copies of all packet data across an IT enterprise so that thorough monitoring and remediation can take place using the aforementioned security tools and other solutions.
By implementing a similar security visibility architecture on the OT side of the ICS infrastructure, more effective discovery, inventory, identification, and remediation of threats against IIoT critical device infrastructure can take place. Network visibility can be used to provide a complete view into all data running on the OT infrastructure regardless of the age and status of the connected devices, even if their existence was previously unknown.
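The discovery and inventory step described above can be sketched as a reconciliation of passively observed traffic against the asset register. This is an added example, not code from the original article or from Ixia; the flow records, subnets, and register are constructed, and the port-to-protocol map uses well-known default ICS ports that the article does not name.

```python
import ipaddress

# Well-known default TCP ports for common ICS protocols (assumption: defaults in use).
ICS_PORTS = {102: "S7comm/ISO-TSAP", 502: "Modbus/TCP", 20000: "DNP3", 44818: "EtherNet/IP"}

# Constructed asset register: what the OT team believes is deployed.
INVENTORY = {"10.20.0.11", "10.20.0.12", "10.20.0.13", "10.20.0.50"}
OT_NET = ipaddress.ip_network("10.20.0.0/24")      # assumed OT subnet
SITE_NETS = [ipaddress.ip_network("10.0.0.0/8")]   # assumed internal address space

# Constructed flow summaries, as a tap or packet broker feed might export them:
# (src_ip, dst_ip, dst_port)
FLOWS = [
    ("10.20.0.50", "10.20.0.11", 502),
    ("10.20.0.50", "10.20.0.12", 502),
    ("10.20.0.50", "10.20.0.77", 44818),   # 10.20.0.77 is not in the register
    ("10.20.0.77", "203.0.113.9", 443),    # OT host talking outside the site
    ("10.10.5.20", "10.20.0.11", 502),     # IT-side host issuing Modbus
]

def reconcile(flows, inventory, ot_net, site_nets):
    """Derive observed OT assets from traffic alone and compare with the register."""
    observed, findings = {}, []
    for src, dst, port in flows:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for ip in (s, d):
            if ip in ot_net:
                observed.setdefault(str(ip), set())   # any OT address seen counts
        if d in ot_net and port in ICS_PORTS:
            observed[dst].add(ICS_PORTS[port])        # device answers an ICS protocol
            if s not in ot_net:
                findings.append(("ics_from_outside_ot", src, dst, ICS_PORTS[port]))
        if s in ot_net and not any(d in n for n in site_nets):
            findings.append(("ot_to_external", src, dst, port))
    unknown = sorted(set(observed) - inventory)       # on the wire, not on record
    silent = sorted(inventory - set(observed))        # on record, never seen
    return observed, unknown, silent, findings

if __name__ == "__main__":
    observed, unknown, silent, findings = reconcile(FLOWS, INVENTORY, OT_NET, SITE_NETS)
    print("unregistered devices seen on the wire:", unknown)
    print("registered devices never seen:", silent)
    for f in findings:
        print("finding:", f)
```

Because the inventory is built from copied traffic rather than from agents, it covers legacy devices that cannot run monitoring software, which is the case the article highlights.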
Ixia, a Keysight Business, has long been a leader in the business of network visibility, delivering network data that provides a single source of truth. By passing pre-processed data to expert IIoT cyber security analysis partners such as Zingbox, Darktrace, Forescout, and Nozomi, OT security can be brought in line with that of more mature enterprise IT capabilities.
To learn more about securing the increasingly diverse network edge, contact your Ixia representative.
*Source: IDC, "The Growth in Connected IoT Devices Is Expected to Generate 79.4ZB of Data in 2025, According to a New IDC Forecast," 18 June 2019.