Industrial IoT and OT: security management

Management of cyber security risks in industrial IoT and OT

Digitalization is irreversibly changing the operating environments of companies and factories. However, the convergence of OT in manufacturing with IoT technologies and other advanced solutions creates new points of entry for cyber attacks.
March 28, 2024

The IoT world is expanding and so are the security threats

The Internet of Things (IoT) is changing the world of business. Manufacturers are increasingly integrating advanced technologies such as cloud computing, data analysis and machine learning into their production workflows. The potential value created by IoT is already huge and continues to grow. McKinsey estimates that the IoT value creation rate could reach USD 12.5 billion worldwide by 2030. Highly specialized economic sectors in particular are currently experiencing the greatest benefits. From applications in medical technology, logistics and transport to solutions for smart factories, IoT is leading the way for a broader digital transformation that generates, stores, analyzes and transmits huge amounts of data across an ever-growing global network.

According to Palo Alto Networks, the rapid development and introduction of IoT technology is already transforming business processes. IoT devices probably already account for more than 30 percent of all devices in corporate networks today. The data collected from these devices provides a wealth of valuable information that enables real-time decision making and the building of accurate predictive models. In addition, the Internet of Things is a key enabler of digital transformation in organizations and has the potential to increase employee productivity, business efficiency and profitability, and to improve the overall workforce experience.

IoT security is becoming increasingly important - also for cyber criminals

The downside: Linking production facilities (Operational Technology = OT) with IoT technologies and other advanced solutions offers new targets for cyber attacks. After all, billions of networked devices create all kinds of potential vulnerabilities in companies. According to McKinsey, increasing connectivity has drastically increased the number of attack vectors. Before IoT, a large corporate network may have had to consider up to 500,000 vulnerable endpoints, whereas IoT can involve millions or even several million such points.

A recent report by Asimily entitled “IoT Device Security in 2024: The High Cost of Doing Nothing” shows just how big the threat posed by the use of IoT devices actually is. It analyzes emerging attack trends targeting IoT infrastructures and outlines possible consequences for companies that do not take adequate security measures. According to the report, already known vulnerabilities are among the biggest threats: 34 of the 39 most frequently used IoT vulnerabilities have been known for more than three years on average. Routers account for 75 percent of infected IoT devices, as they serve as gateways for accessing other nodes in a network. Security cameras, digital signage systems, medical devices and industrial control systems are also among the most frequently attacked devices.

Risks relating to the use of IoT in companies

Depending on the application, a security breach in an industrial IoT environment poses various risks. These range from the disclosure of important information that is crucial for the operation of the company or the manufacture of a product, through damage to industrial control systems, to the compromise of manufactured products. An example: An attacker gains access to the network of an auto-industry supplier and manipulates the machine settings of a brake component without being noticed. This can lead to the brakes suddenly failing under load. Both the material and immaterial damage to the company are almost impossible to quantify.

IoT is prone to vulnerabilities

Industrial IoT architecture refers to the collection of all IoT elements in smart factories. Although it differs from company to company, it always includes devices with sensors and actuators, network elements, databases, analysis tools and business applications. Each component poses specific security risks to the entire production environment.

As Palo Alto Networks explains, without resilient security, any networked IoT device is vulnerable to intrusion, compromise and control by malicious actors who break into the system, steal user data and crash systems. As more and more different IoT devices connect to the network, the attack surface increases dramatically. As a result, overall network security drops to the level of integrity and protection of the least secure device. In addition to these challenges, 98 percent of all traffic from IoT devices is mostly unencrypted, putting confidential data at high risk.

Various attacks on industrial IoT aim to compromise the security of different elements of the IoT ecosystem, such as network communications, IoT and OT software and applications, and physical devices. DDoS, device hijacking or spoofing and man-in-the-middle attacks are just some of the security issues in this context. The consequences of a single cyber attack vary depending on the target, but the most common and dangerous is the disclosure of sensitive data. The following table shows the most common IoT attacks and their impact on OT factories.

IoT attack risks at a glance

Hardware
  Attacks:
  • Reverse engineering
  • Physical tampering
  • RF jamming
  • Denial-of-sleep attack
  • Side-channel attacks
  • Counterfeit hardware
  Effects:
  • Access to sensitive information
  • Data flow control
  • Resource destruction

Software
  Attacks:
  • Malware, Ransomware, Spyware
  • Bot/botnets
  • Blended threats
  • Rootkits
  • Forced deadlock
  • Exploitation of trusted identifiers
  • Code injection
  • Brute-force attacks
  • SQL injections
  Effects:
  • Disclosure of sensitive data
  • Interruption of data
  • Software rendered unusable
  • Blocking access to files

Communications
  Attacks:
  • DoS/DDoS attacks
  • Eavesdropping (sniffing and spoofing attacks)
  • Man-in-the-middle attacks
  • Session hijacking
  • DNS tunneling
  • Port scanning
  • Protocol manipulation attacks
  • Jamming
  • Traffic analysis
  • Sinkhole attacks
  Effects:
  • Network flooding and overload
  • Data theft
  • Unauthorized access to databases
  • System crashes
  • Malware tunneling

Achieving security in the IoT

IoT devices are dedicated objects that perform a limited number of actions. For example, they establish a connection to a network and transmit and receive data. Typical examples of IoT devices in companies include barcode scanners, smart light bulbs and security cameras as well as measurement and control sensors. IoT devices differ from IT devices such as computers in that they generally only have one specific task. In addition, many do not support software updates and security patches. If a vulnerability is found in their software or firmware, it is difficult to protect them from exploitation and compromise. Another difference is that IoT devices often appear in a network unnoticed. Because of their specialized design, their unique network behavior is also problematic for administrators who are more accustomed to managing laptops and desktops. For these reasons, it is mandatory that all organizations evolve their cyber security measures and take proactive steps to address this increasingly complex IoT/OT threat landscape.

The key IoT security safeguards

The following actions from the SITS IoT security checklist are essential to implement an effective security strategy and mitigate the risks associated with IoT/OT threats:

  • Implement zero trust architecture
  • Maintain an overview of all devices
  • Proactively identify vulnerabilities
  • Check all data traffic
  • Set up real-time monitoring
  • Ensure regular updates
  • Detect outdated devices
  • Perform security risk assessment
  • Establish an industrial demilitarized zone (IDMZ)
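
Several of these checklist items (device overview, outdated devices, traffic checks, IDMZ) can be run as automated checks over an asset inventory and network flow records. The sketch below is an added example, not part of the SITS checklist or SITS tooling; the subnets, device names, flow records, port list and three-year firmware threshold are all constructed assumptions.

```python
from datetime import date
from ipaddress import ip_address, ip_network

# Constructed zone plan (assumption): enterprise IT, industrial DMZ, OT cell network.
ZONES = {"enterprise": ip_network("10.10.0.0/16"),
         "idmz": ip_network("10.20.0.0/24"),
         "ot": ip_network("10.30.0.0/16")}
# Port-based heuristic for cleartext services; 502 is Modbus/TCP, 1883 is MQTT without TLS.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 502: "modbus", 1883: "mqtt"}
MAX_FIRMWARE_AGE_DAYS = 3 * 365  # assumed policy threshold, not taken from the page

# Constructed inventory: ip -> (device name, firmware release date).
INVENTORY = {"10.30.1.10": ("plc-press-01", date(2019, 5, 2)),
             "10.30.1.11": ("hmi-line-02", date(2023, 11, 20)),
             "10.20.0.5": ("historian-proxy", date(2023, 8, 1))}
# Constructed flow records: (source ip, destination ip, destination port).
FLOWS = [("10.10.4.7", "10.30.1.10", 502),   # office PC straight to a PLC
         ("10.10.4.7", "10.20.0.5", 443),    # office PC to IDMZ proxy over TLS
         ("10.20.0.5", "10.30.1.11", 443),   # IDMZ proxy to HMI over TLS
         ("10.30.1.99", "10.30.1.10", 23)]   # host missing from inventory, using telnet


def zone_of(ip):
    """Map an address to its zone name, or 'external' if it matches none."""
    addr = ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "external")


def audit(inventory, flows, today):
    """Return sorted (finding, subject) pairs for the inventory and flows."""
    findings = set()
    for ip, (name, fw_date) in inventory.items():
        if (today - fw_date).days > MAX_FIRMWARE_AGE_DAYS:
            findings.add(("outdated-firmware", name))
    for src, dst, dport in flows:
        zones = {zone_of(src), zone_of(dst)}
        # OT may only talk to OT or the IDMZ; any other peer zone bypasses the IDMZ.
        if "ot" in zones and zones - {"ot", "idmz"}:
            findings.add(("bypasses-idmz", f"{src}->{dst}"))
        for ip in (src, dst):
            if zone_of(ip) == "ot" and ip not in inventory:
                findings.add(("unmanaged-device", ip))
        if dport in CLEARTEXT_PORTS:
            findings.add(("cleartext-" + CLEARTEXT_PORTS[dport], f"{src}->{dst}"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, subject in audit(INVENTORY, FLOWS, date(2024, 3, 28)):
        print(f"{kind:18} {subject}")
```

In practice the inventory would come from an asset-discovery tool and the flows from firewall or NetFlow exports; the checks themselves stay the same.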

Conclusion: IoT security

The introduction of IoT and OT devices offers companies significant benefits, but also poses major risks. A modern zero-trust approach is required to efficiently and securely manage IoT and OT devices at scale. Managers must also consider cybersecurity at all organizational levels by introducing security policies, implementing protection mechanisms and training their employees. If you are looking for a reliable partner to advise and support you in protecting your IoT systems, SITS is here to help.
