By Anisha Damani
Industrial Internet of Things (IIoT) deployments are prone to breaches due to minimal security. This state of affairs is because – in addition to the intelligent connected sensors and machines that make up the Internet of Things (IoT) – IIoT is also comprised of everything in the industrial world that predates the dawn of IT.
These industrial applications include, but are not limited to essential amenities like water, gas, and electricity supply, vehicles and trains, mining, oil and gas, and others. IIoT can be exploitable from an attacker point of view because it often uses legacy technology with minimal updates/upgrades.
Too often, the availability of resources is valued over integrity and confidentiality. Thus, the IIoT can be a more natural prey to cyber-attacks.
There have been countless attacks on IIoT deployments in the past.
A power plant’s operations were halted, according to a report from Reuters. The attack mechanism used malware to take control of a workstation running a safety shutdown system. The malware was then used to reprogram the controllers, which were used to identify safety issues. This vulnerability enabled the hackers to disable the alarms ahead of their planned attack. Often, the most significant security breaches are the ones that go undetected. Fortunately, the fail-safe mode of some controllers got triggered in this case, and the attack was detected in time.
Steel Mill Attack
Another attack on a steel mill was an interesting one and was covered by Wired and Sentryo.
This attack was officially classified as spear phishing by the SANS institute investigation. Spear phishing is when hackers send fraudulent emails, which seem to be legitimate emails coming from trusted sources. This tactic lures the recipient into opening an attached document or visit a website which usually contains malware.
Below are the methods/steps of the attack:
• The office software network was the prime target of the attacker. The attacker first hacked into the office network through an attached file. Once the file was opened, the malware was injected into the sales software of the plant.
• Using the office network as a shield, the attacker penetrated the production management software of the steel mill.
• After gaining access to the office and production management software, the attackers targeted the plant’s control systems.
• The prime goal of the initial hack was to disrupt the human-machine interaction components, damaging numerous systems and industrial automation components.
• This helped the attackers successfully prevent a blast furnace from initiating its security settings in time, causing severe damage to the infrastructure.
This attack leads to the discussion about the need for strict separation between business and production networks to restrict hacker movement between networks.
Firewall Not Enough
Any network can only be considered truly secure if it’s not connected to the Internet and to other systems that are connected to the Internet. A software firewall separating the business and production network may not be sufficient to stop hackers from making the leap as it may contain security holes leaving backdoor access to hackers. It’s unknown how the steel mill’s network was configured during the time of the incident.
In both attacks, it is evident the attacker was able to take advantage of the vulnerability of the system to execute the attack. This situation raises a serious concern about trust. Vendor selection plays a vital role in ensuring security.
Below are the top 10 questions that can help you make a smart vendor selection and integrate security at every level of the network.
1. Is the vendor adopting manufacturing best practices and compliance?
2. Does supply chain integrity exist? What are the extra measures the vendor chooses to ensure supply chain integrity is maintained?
3. How can I ensure my system is not compromised? How can I be sure the system I have received is not a counterfeited system? What are the anti-counterfeiting measures adopted by the vendor?
4. How can I ensure the software running on my system is authentic? What are the anti-counterfeiting steps adopted by the vendor to authenticate software?
5. How can I ensure software integrity for the software running on my system?
6. How can I verify the security integrated into the system? Is there a way to control and verify the posture of the system in the network? What are my visibility options?
Are there any backdoors present in the network? How can I mitigate the backdoor?
7. What are the encryption algorithms supported on the device? How can I utilize the encryption algorithms on my existing applications?
8. How to ensure the system being purchased has required certifications, e.g. IEC 62443, ANSSI, FIPS, Common Criteria, etc.?
9. In case of an attack, what are my options to identify the attack? How can I mitigate and remediate the attack?
10. How can I manage the policies and have control over the systems in the network?
With the trust boundaries diminishing day by day, security is becoming a paramount concern.
It is not only an operational challenge, but also a part of boardroom discussions. Therefore, it is essential to make a wise choice with respect to vendor selection.
Anisha Damani is a Cisco product manager with the Internet of Things business unit. She has nine year of experience in networking security and holds a Security CCIE. Anisha holds an MBA from ESADE Business School.