Industrial cybersecurity: Protecting the IIoT
The industrial internet of things (IIoT) is the latest wing of technological advancements in factory environments across the world, allowing for direct oversight and control of remote production equipment. The IIoT is bringing greater visibility and resilience to manufacturing supply chains by outfitting heavy machinery with connected sensors that send real-time data to a centralized management console. Using these technologies, plant managers can keep track of device performance, conduct maintenance forecasting, monitor environmental conditions (temperature, ambient noise, humidity, etc.) and much more. However, while the IIoT has been a boon for the manufacturing industry, it's also introduced a variety of security concerns that are hard to ignore.
As noted in a recent article from Security Magazine, IIoT equipment is highly susceptible to hacking and exploitation. The same data exchange, remote monitoring and centralized control mechanisms used to enhance manufacturing operations can also be leveraged to infiltrate secure data stores, take control of production equipment, launch large-scale DDoS attacks and distribute malware to business-critical systems. This issue extends far beyond connected sensors - security cameras are also common targets for malicious actors. Take, for example, the massive data breach that targeted the security camera manufacturer, Wyze. In 2020, hackers were able to bypass the company's cybersecurity defenses and expose the personal information of over 2.4 million users, GeekWire reported. Since manufacturing firms collect and store a variety of sensitive information - intellectual property, customer orders, production designs, etc. - these types of vulnerabilities are even more important to shore up.
Why is IIoT equipment attractive to hackers?
Intelligent IIoT devices are prime targets for hackers and state actors for a variety of reasons, least of all being that the manufacturing companies themselves are veritable treasure troves of valuable information. IIoT equipment also performs critical functions for physical worksites - if one device is taken over, malicious actors can quickly spread malware or ransomware to adjacent systems, crippling day-to-day operations and exposing sensitive data. In fact, one study from the IT service provider Wipro discovered that 14% of all critical resources and assets for sale on the dark web came from the manufacturing sector.
Another issue is that many IIoT devices do not come equipped with any built-in security features, as there's currently no unified standard for connected technologies, as noted by The Economic Times. As a result, hackers have been able to take over thousands (even millions) of endpoints for use in large-scale DDoS attacks and other illegal activities. This problem is even more troubling for companies that fail to uphold best practices in device credentialing. One way hackers gain control of IIoT devices is by taking advantage of default usernames and passwords that were never changed prior to deployment. These login credentials are often a matter of public knowledge - and by using the Shodan search engine, hackers can crawl the web for internet-connected devices including wireless printers, security cameras, environmental sensors and more.
How to protect IIoT equipment from external threats
The first step to safeguarding IIoT equipment is for organizations to conduct a thorough asset assessment to create a complete inventory of at-risk devices. This can help locate shadow IoT that may not be visible to management consoles, while also keeping IT administrators aware of new devices added to their network. Considering roughly 40% of IT-oriented employees have used a new device without first receiving approval from technology leaders, according to research from Entrust Datacard, maintaining end-to-end visibility is key. After discovering all active IIoT equipment, manufacturers should verify that no device is running on default credentials. This will help reduce the risk of password spoofing, brute-force attacks and a variety of other security threats.
Another crucial cybersecurity defense is firmware patching - device manufacturers are constantly releasing new updates to eliminate code bugs, zero-day exploits and remote code execution vulnerabilities, McAfee explained. Keeping up with these patches is essential for reducing an organization's attack surface and ensuring employees are working on the latest, most efficient software and application versions. Leveraging an automated update tool, manufacturing firms can ensure critical patches are delivered to every device in their networks from one centralized management console.
The final piece of advice comes from the Federal Bureau of Investigation, which recommends keeping all connected technologies (including IIoT and IoT devices) on a dedicated network. Once an unsecured device is infiltrated, hackers can use it to path into routers and gain access to private networks and data. By moving all IIoT devices onto a single, siloed WiFi connection, manufacturers can increase the security of sensitive workstations and data stores. Isolating these devices is only one piece of the puzzle, however, as organizations must also make use of firewall protections, threat detection and resolution tools and other cybersecurity platforms. Of course, any fleet of IIoT devices is only as reliable as the network equipment those endpoints rely on.
Perle offers industrial-grade connectivity tools that can hold up in the harshest conditions, including those found in manufacturing plants, warehouses and even rugid outdoor settings. Our powerful Ethernet switches and console servers are designed for high-traffic environments that require customizable security processes. To learn more, read some of our customer success stories.