In 2016, hundreds of thousands found themselves without power following a cyberattack on a major Ukrainian energy plant north of Kiev. The attack targeted a specific digital relay with malware that resulted in broad system failure. Specifically, the exploit succeeded by compromising “[f]irmware used by Serial-to-Ethernet converters -- which connect industrial equipment to computer networks.” This digital relay and the subsequent intermediating firmware are perfect examples of a growing trend known as the Industrial Internet of Things. The Ukrainian plant failure also stands as an early example of IIoT devices being exploited as a security vulnerability. But what exactly is the Industrial Internet of Things and how can critical infrastructure stakeholders approach cybersecurity to avoid networking security incidents such as this?
For many years, the Internet of Things (IoT) has described the proliferation of network-connected devices – traditionally sensors. Everything from thermostats to security cameras, smart lightbulbs to heart monitors, is becoming an internet device and being assigned an independent IP address. The IoT phenomenon has focused on commercial products and serving individuals by augmenting consumer IT networks. In parallel, however, a similar phenomenon is being seen within industrial settings far removed from consumer products. In particular, sensors within operational technology (OT) networks are being integrated into other networks to increase efficiency within industrial control systems. This is the Industrial Internet of Things (IIoT).
Of course, industrial systems have long relied upon complex networks of sensors. Historically, however, these sensors have lacked networking capabilities – or simply been contained within a discrete OT system. Recent trends have led to an increased demand for network-connected sensor systems. There are many reasons for this demand. For example, enterprises are pushed to collect larger, faster, and more accurate data sets to increase efficiency, and producers are working to collapse the distance between production and end-user requests. Whatever the cause, modern industrial demands are being aided by network-connected sensors of all shapes and sizes. Furthermore, the leading accounting firm PricewaterhouseCoopers estimates that IIoT will “dwarf the size of the consumer IoT by several magnitudes.” This is supported by a 2020 study within the Journal of Computers & Electrical Engineering which found that “in 2023 the share of IIoT in the global market will be approximately 14.2 trillion US Dollars.”
From this macro trend come three specific implications for industrial network operators: the merging of OT and IT systems, an expanded vulnerability surface, and an increase in the importance of asset visibility and monitoring capabilities.
In short, the IIoT is an exciting development within industrial environments. At the same time, security stakeholders need to understand the important networking security implications. Ignoring any of these risks could destroy the productivity gains of the IIoT model due to the costs of a cyberattack. To help mitigate this, OT cybersecurity teams must implement the five foundational security controls:
Industrial Defender is already safeguarding IIoT systems around the world by automating OT asset inventory and data collection, managing asset configurations, visualizing which assets are vulnerable to attack, and monitoring the network and endpoints for security events.
To learn more about how you can apply foundational controls in your IIoT environments, check out our CIS Controls Implementation Guide here.