
What’s the biggest threat to the industrial internet of things (IIoT) space?

39 views
7 comments
0 upvotes
Anonymous Author
A native industrial cyber attack has truly yet to happen. Most of the cyber attacks that have touched industrial environments have been IT-level attacks, like ransomware, or breaking in through enterprise remote access protocols. But for example, the world has yet to see a legitimate massive DNP3 attack, which is an industrial protocol, or a Modbus/TCP denial-of-service attack. When that starts to happen, it will be a game changer, because most security initiatives and products focus on protecting the IT side. The thinking is that those attack vectors are the only ones that will be relevant to the industrial side, but that is an incorrect way of looking at this space. That's an outside-in approach. If you look at it from the inside out, you’ll see that there are so many different attack surfaces on the inside of these networks, which is why native-level protection is important. The challenge is that native-level protection is difficult. It requires an in-depth understanding of the network, protocols, devices and the settings of those devices. If you consider Stuxnet, the fanciest part of that attack, from the ICS perspective, was a settings change on the centrifuge controllers. That change took the target out of its normal range of operation in terms of a numerical value. There was nothing on the network that could prevent that numerical value from surpassing an acceptable threshold. And that led to physical damage.
0 upvotes
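As an added illustration of the "native-level" check the comment above says was missing (this is example code, not part of the original comment or any product): a Modbus/TCP monitor that parses register writes and compares each value with a per-register operating range. The unit ID, register addresses, limits, sample frames and the choice to flag writes to unlisted registers are all assumptions made for the example.

```python
import struct

# Assumed allow-list: (unit id, register address) -> (min, max) raw value.
# Limits are constructed for illustration, not taken from any real device.
SETPOINT_LIMITS = {(1, 0x0010): (800, 1200), (1, 0x0011): (0, 100)}
WRITE_SINGLE, WRITE_MULTIPLE = 0x06, 0x10

# Constructed sample frames: Write Single Register to unit 1, register 0x0010.
IN_RANGE = struct.pack(">HHHBBHH", 1, 0, 6, 1, WRITE_SINGLE, 0x0010, 1000)
OUT_OF_RANGE = struct.pack(">HHHBBHH", 2, 0, 6, 1, WRITE_SINGLE, 0x0010, 1500)


def register_writes(frame: bytes):
    """Parse one Modbus/TCP frame; return (unit, [(address, value), ...])."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    _tid, proto, length, unit, func = struct.unpack(">HHHBB", frame[:8])
    # The MBAP length field counts every byte after itself (unit id + PDU).
    if proto != 0 or length != len(frame) - 6:
        raise ValueError("malformed MBAP header")
    body = frame[8:]
    if func == WRITE_SINGLE:
        if len(body) != 4:
            raise ValueError("bad Write Single Register length")
        return unit, [struct.unpack(">HH", body)]
    if func == WRITE_MULTIPLE:
        if len(body) < 5:
            raise ValueError("bad Write Multiple Registers length")
        start, qty, nbytes = struct.unpack(">HHB", body[:5])
        if nbytes != 2 * qty or len(body) != 5 + nbytes:
            raise ValueError("bad Write Multiple Registers length")
        values = struct.unpack(f">{qty}H", body[5:])
        return unit, [(start + i, v) for i, v in enumerate(values)]
    return unit, []  # reads and other functions change no registers here


def check_frame(frame: bytes):
    """Return violation strings; an empty list means every write is in range."""
    unit, writes = register_writes(frame)
    violations = []
    for addr, value in writes:
        limits = SETPOINT_LIMITS.get((unit, addr))
        if limits is None:  # default-deny: unknown registers are flagged
            violations.append(f"unit {unit} reg {addr:#06x}: unlisted register")
        elif not limits[0] <= value <= limits[1]:
            violations.append(
                f"unit {unit} reg {addr:#06x}: value {value} outside {limits}")
    return violations
```

Such a check only works with per-device knowledge of which registers hold setpoints and what their safe ranges are, which is the in-depth understanding the comment refers to.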
Anonymous Author
Inherently insecure OT networks: Complex and widely distributed architecture, limited OT visibility, and inadequate security controls gave attackers hundreds of possible entry points into companies' OT networks. As a result, small-scale attacks usually can go unnoticed despite aggregating substantial damage—and posing substantial risks to OT availability, safety, and reliability—over time.
0 upvotes
Anonymous Author
From the security viewpoint, it is exposed to the usual cyber threats such as device hijacking, device theft, DoS, etc. From the business viewpoint, interoperability of devices across the supply chain is very important, so these need to be built as per the specific standards. Also, we can't expect industrial engineers to have the same level of IT knowledge to manage IoT devices, so bridging the skill gap is another hurdle in this journey.
0 upvotes
Anonymous Author
Botnets are the most common threat to the Industrial IoT space; they contain malware that allows the attacker to access the IoT device and its connection to infiltrate an organization's network, becoming one of the top threats for businesses. The IoT space is also susceptible to known network attacks such as DDoS and spoofing, social engineering attacks, and data leaks from the IoT space due to misconfiguration.
0 upvotes
Anonymous Author
Basically, the impact mostly depends on the type of industry, but I would assume device hijacking would definitely be a serious threat.
0 upvotes
Anonymous Author
Lack of security control standards around IoT. Multiple operating systems and firmware types make it difficult to prescribe one single standard coverage strategy for most of these devices.
0 upvotes
Anonymous Author
Probably the mindset that they are not as exposed as they really are.
0 upvotes