The Internet of Things (IoT) has been changing the way businesses use technology for years now, and for the most part people have a basic understanding of smart devices and what they do. But what about the ‘industrial’ in Industrial Internet of Things (IIoT)?
What is IoT?
Before we get started it’s worth defining IoT. Techopedia does this well:
“The Internet of Things (IoT) is a computing concept that describes the idea of everyday physical objects being connected to the internet and being able to identify themselves to other devices.”
What is the difference between IoT and IIoT?
To put it simply, the main difference between IoT and IIoT is the general usage of each. As the name implies, the Industrial Internet of Things deals with industrial scale usage such as supply chain and manufacturing, while IoT is much more consumer centric.
For example, the mining industry is beginning to embrace IIoT to increase productivity, improve performance and detect problems before they occur. Rio Tinto is expected to have 150 autonomous vehicles across the country by the end of this year.
What are the security risks for IIoT?
According to the most recent CyberX report, 40% of industrial sites have at least one direct connection to the public internet. And plain text passwords are used by 69%. This leaves the door wide open for cyber criminals who can exploit these gaps to via malware with the intention of causing potentially irreparable damage to a business.
The Triton malware was designed to attack Industrial Control Systems (ICS) and in late 2017 an attacker deployed malware that had been specifically created to manipulate industrial safety systems in the Middle East. The repercussions could have cost lives and had a damaging impact on the environment, but luckily the attack triggered a shutdown response instead of disabling it.
This attack led technology company, and The Missing Link partner, FireEye, to make the following recommendations:
- Where technically feasible, segregate safety system networks from process control and information system networks. Engineering workstations capable of programming SIS controllers should not be dual-homed to any other DCS process control or information system network.
- Leverage hardware features that provide for physical control of the ability to program safety controllers. These usually take the form of switches controlled by a physical key. On Triconex controllers, keys should not be left in the PROGRAM mode other than during scheduled programming events.
- Implement change management procedures for changes to key position. Audit current key state regularly.
- Use a unidirectional gateway rather than bidirectional network connections for any applications that depend on the data provided by the SIS.
- Implement strict access control and application whitelisting on any server or workstation endpoints that can reach the SIS system over TCP/IP.
- Monitor ICS network traffic for unexpected communication flows and other anomalous activity.
So, if you’re in the business of operating industrial machinery or have IIoT in your sights, make sure you consider the potential repercussions of cyber attacks and talk to a team of security experts, for example – our amazing team here at The Missing Link - about how to protect your business.
If you liked this article, you may also like:
Quantum Computing: Is it a cybersecurity threat?
IT Automation: the what and the why
Three Essential Actions for Every CIO of Digital Organizations
