As manufacturers take advantage of the efficiencies of connectivity, the expanded network opens up significant threats of cyber attack. Hacking criminals are getting more sophisticated as plants are becoming more vulnerable, a bad combination. Yet cybersecurity is advancing in its ability to ward off intrusions. These issues will be discussed at the Automation Technology Conference in Minneapolis in September. In the session, Strategies for Adding Security to Industrial IoT Endpoints, speaker Alan Grau, president of Icon Labs, will explain the growing cyber threats to the connected plant and also outline the advances in cybersecurity.
The Unique Vulnerabilities of IIoT and Embedded Systems
Much has changed since the days when a plant network was wired. The danger of hacking existed, but the entry points were defined and protection was less complicated. The Industrial Internet of Things (IIoT) has created significantly greater exposure. "The IIoT is a significant challenge. First you do have a much larger attack surface. There is a proliferation of connected devices. Every new device brought onto the network is a target for hackers," said Grau. "Plus, many of these devices are deployed outside of the current IT security perimeter. This creates significant new security challenges."
Your Plant. Smarter. Alan Grau, president and co-founder of Icon Labs, will present, "Strategies for Adding Security to Industrial IoT Endpoints," Sept. 22, from 1:30-2 p.m., at Design & Manufacturing in Minneapolis. Learn how to identify and overcome challenges for securing embedded devices, how to successfully integrate embedded security with enterprise security, and more! Register here for the event, hosted by Design News’ parent company, UBM.
Embedded systems have made cybersecurity more complicated. For one, the usual IT security solutions are not as effective with embedded devices. Plus, the potential damage from an attack is greater. "Many of the IIoT devices are embedded systems that require new security solutions. Traditional IT and PC security approaches won't work on these specialized devices," said Grau. "If an IT system is hacked the consequence is data loss. If an IIoT system is hacked the power grid can go down, flights can be grounded, productions lines can be shut down, and real physical damage can be done. People can die." Grau cites the example of a blast furnace in Germany that was damaged by a cyber attack. "This caused significant financial loss and could have caused injury or loss of life," he said.
Many cyber attacks are designed to be stealth operations where the attacker hides in the system and nabs data undetected. Consequently, intrusion detection has become a new front on the cyber battleground. "Intrusion Detection Solutions (IDS) for IIoT need to be customized to the nature of the devices. Small devices with limited resources need a solution tailored to the types of attacks they are likely to experience while not overwhelming the limited resources of the device," said Grau. "At the same time, the sophistication of the Intrusion Detection Solution must scale up to support more powerful gateway and control systems."
Intrusion detection works from its ability to identify suspicious behavior in the network. IDS can spot cyber behavior that is outside the expected activity on the network. "The key is to monitor for, detect and report anomalous traffic," said Grau. "This requires integration with a security management system where IDS events can be sent and viewed by a human -- or potentially an AI engine -- to determine if the anomalous events indicate a cyber attack."
The backbone of effective cyber protection is knowledgeable professionals who keep abreast of new dangers as well as new prevention developments. Those professionals could be either trained employees or hired guns. "It requires a team of dedicated experts to keep up with the current attacks and cybersecurity countermeasures. Many OEMs are designating an internal cybersecurity champion to work with outside experts and cybersecurity firms to coordinate their solutions and ensure they are staying current and building the appropriate solutions," said Grau. "Some of the key elements to a robust solution include using a hardware platform with hardware security elements as a foundation and implementing secure firmware updates so devices can be updated as security patches become available.
Attackers Are Gaining Strength
In recent years, the nature of cyber criminals has changed. Gone are the days of teenage showoffs or disgruntled employees. Hacking has become an organized criminal enterprise. "Attackers are becoming more sophisticated over time. They are learning about new vulnerabilities and developing automated attack tools to exploit those vulnerabilities," said Grau. "There are cybercriminals who build and sell these attack tools, making them available to anyone willing to pay for them. There are a large number of bad actors with the motivation and means to launch sophisticated cyber attacks. They have made millions stealing data from IT networks, and they are beginning to turn their efforts toward IoT devices and networks."
[images via Icon Labs]
Rob Spiegel has covered automation and control for 15 years, 12 of them for Design News. Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years he was owner and publisher of the food magazine Chile Pepper.