By Andy Riley, C|CISO, CISSP, HCISPP, CIAM
IIoT in a Nutshell
The Industrial Internet of Things, or “IIoT”, is a subset of the Internet of Things (IoT). Both concepts provide availability, connected devices, and intelligence, and their primary objectives are to reduce cost through automation, improve accuracy, and enhance life safety. While IoT is most commonly used by consumers (Alexa, Google Home, thermostats, etc.), IIoT appears in Industry 4.0, where it is used primarily by industrial companies, most commonly in manufacturing to create a smart factory.
While it’s important for consumers to be cautious of the IoT devices they use in their own homes, it’s just as crucial for companies such as manufacturers that are implementing IIoT to be cautious of the vulnerabilities and risks associated with IIoT and to know how to prevent them.
IIoT devices are vulnerable for a variety of reasons: devices can be older yet still operationally viable; security flaws may go unpatched by either the device vendor or the technology owner; and devices can be cutting-edge, with an attack surface that may not be well understood.
In addition, threat actors know just how valuable and vulnerable IIoT devices are as attack targets, and the impacts of an IIoT attack can be devastating. On a flat IP network, an attacker can use a compromised IIoT device to launch further attacks against potentially more valuable assets. Back in 2016, the Mirai botnet showed just how devastating compromised IoT devices can be by enslaving tens of thousands of insecure devices and launching massive distributed attacks that crippled major online entities for days.
As previously discussed, cyber-attacks against IIoT devices can cause damage to physical systems resulting in costly repairs and production downtime. Another concern with IIoT is information leakage or stolen intellectual property. IIoT gives manufacturers the ability to monitor critical business data created by a process. An example would be measuring the production output of a certain component through a quality assurance smart camera. Unauthorized access to this type of data could provide a competitor or rival nation-state with sensitive business intelligence like “what is being sold or processed and how much?”
The challenge with manufacturing technology and IIoT is ensuring that these vulnerabilities are addressed. There are five key preventative and detective steps to take to ensure effective defense of IIoT systems and devices.
Maintain Logical and Physical identification of IIoT devices
Maintain an inventory of all IIoT devices, which includes their physical location, network addressing information, intended function and current software/firmware versions. Scan networks regularly for “unknown” IIoT devices to control proliferation, identify rogue devices, and maintain inventory visibility.
Manage IIoT software vulnerabilities
Conduct regular targeted vulnerability scans of networks containing IIoT devices. Develop a policy for addressing IIoT vulnerabilities in parallel with IT patching considerations rather than relying on opportunistic and incident-driven remediation.
Reduce to “least functionality” by hardening IIoT devices and segmenting networks
Remove unnecessary software functionality and code where possible. Augment device hardening with Network Admission Control (NAC) or a firewall to restrict IIoT communication protocols, applications, and network pathways to those required for proper device functionality.
Strong Logical Access Controls
Restrict logical access to IIoT devices to specific IP addresses and hardened gateway hosts, such as a Privileged Access Management (PAM) system. Implement Multi-factor Authentication (MFA) for access to IIoT devices and don’t rely on Active Directory or LDAP authentication alone.
Monitoring to detect compromised IIoT devices
Make sure that network traffic to and from IIoT devices and networks is monitored 24x7, along with logs from IIoT devices and related strong authentication systems.
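The inventory step above calls for recording location, addressing, function and firmware version, then scanning for “unknown” devices. The following is an added example, not from the original article, that reconciles such an inventory against scan results; the CSV layouts, field names and sample rows are constructed, and keying devices on MAC address is an assumption.

```python
import csv
import io

# Constructed sample inventory: the fields the inventory step asks to record.
INVENTORY_CSV = """mac,ip,location,function,firmware
00:1b:44:11:3a:b7,10.20.1.11,Line 1 / Cell A,QA smart camera,2.4.1
00:1b:44:11:3a:c2,10.20.1.12,Line 1 / Cell B,PLC gateway,1.9.0
00:1b:44:11:3a:d9,10.20.1.13,Line 2 / Cell A,Vibration sensor,3.0.2
"""

# Constructed sample scan output (hypothetical format: one row per responding device).
SCAN_CSV = """mac,ip,firmware
00:1b:44:11:3a:b7,10.20.1.11,2.4.1
00:1b:44:11:3a:c2,10.20.1.40,1.8.3
00:1b:44:11:3a:ff,10.20.1.77,unknown
"""


def load(text):
    """Parse CSV text into a dict keyed by normalized (lowercase) MAC address."""
    return {row["mac"].strip().lower(): row for row in csv.DictReader(io.StringIO(text))}


def reconcile(inventory, scan):
    """Return findings as (kind, mac, detail) tuples, sorted for stable output."""
    findings = []
    for mac, seen in scan.items():
        known = inventory.get(mac)
        if known is None:  # on the network but not in the inventory: possible rogue device
            findings.append(("unknown_device", mac, f"seen at {seen['ip']}"))
            continue
        if seen["ip"] != known["ip"]:
            findings.append(("address_changed", mac, f"{known['ip']} -> {seen['ip']}"))
        if seen["firmware"] != known["firmware"]:
            findings.append(("firmware_drift", mac, f"{known['firmware']} -> {seen['firmware']}"))
    for mac, known in inventory.items():
        if mac not in scan:  # inventoried but silent: moved, powered off, or replaced
            findings.append(("not_seen", mac, f"{known['function']} at {known['location']}"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, mac, detail in reconcile(load(INVENTORY_CSV), load(SCAN_CSV)):
        print(f"{kind:16} {mac}  {detail}")
```

Because a MAC address can be changed, an `address_changed` or `firmware_drift` finding is a prompt to verify the device physically, not proof that it is the same unit.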
IIoT in manufacturing is becoming more relevant and can be difficult to get your arms around. If you need assistance with ensuring your company is secured against IIoT vulnerabilities and with monitoring your network, contact us for a free consultation or check out our resource library.