The cyber threat landscape is constantly shifting, with the methods used by malicious actors becoming increasingly sophisticated in order to evade cyber defenses. As attacks on all industries become more complex, industrial environments and manufacturing networks are more vulnerable. In addition to traditional data theft and espionage, hackers will now target your operational technology (OT) equipment and Internet of Things (IoT) devices – from medical devices to robotics. Because your OT and IoT devices are constantly monitoring and collecting sensitive data, they have become a valuable target for malicious actors. There were 1.51 billion breaches of IoT devices in the first half of 2021 alone, and OT ransomware incidents have increased by 133% since 2020. How are your OT systems and IoT devices vulnerable, and what can you do to minimize these risks?
OT and its vulnerabilities
Your OT is vital in getting processes done faster, safer, and cheaper. But much of this technology is decades old and therefore not designed to defend against modern-day cyberattacks. This makes system vulnerabilities complicated to patch, and a lack of features like user authentication and encryption puts your OT directly in the firing line of hackers.
Your OT also attracts cyber criminals due to the wide-scale disruption that an attack on it can cause; when OT assets were shut down during the Colonial Pipeline incident in 2021, it triggered a major fuel shortage along the East Coast. Hackers are also looking to OT attacks for financial gain, with 80% of OT environments experiencing a ransomware attack last year. And the potential cost of a cyberattack on your OT isn’t limited to ransom demands – downtime and reputational damage can have long-term financial effects on your business. When the LockerGoga ransomware reduced Norsk Hydro’s Extruded Solutions unit to running at 50% capacity in 2019, it cost the manufacturer up to $70 million.
IoT and its vulnerabilities
IoT is at the center of the IT/OT convergence. Your IoT trackers, sensors, motion detectors, and voice controllers are designed to communicate over your networks, often over considerable distances, meaning they’re constantly collecting sensitive and valuable data that is highly targeted by malicious actors. And because we are still realizing the security challenges of smart and connected devices, these devices have limited computational abilities, meaning there is a small footprint for built-in data protection and cyber defense.
Your IoT devices can also act as a backdoor for hackers looking to access and move laterally through your network, making them vulnerable to privilege escalation, man-in-the-middle (MitM) attacks, malware, and distributed denial-of-service (DDoS) attacks. With only 24% of IoT devices using encryption when transmitting data, and attacks on IoT more than doubling in 2021, it’s clear that many of these devices lack adequate security controls. And the level of concern is much higher in IoT, as attacks have the power to cause physical destruction, harm individuals, and cause systemic failures within your business. One such example was in 2017, when the FDA discovered serious cybersecurity vulnerabilities in implantable pacemakers made by medical manufacturer St Jude Medical.
Requirements when securing IoT and OT
1. Network visibility
You need to be aware of everything running on your network, as well as the risks that your OT/ICS infrastructure introduces to SCADA and IoT devices. This means understanding the behavior of all devices, clearly defining your attack surface, and effectively distinguishing between managed and unmanaged devices. Network traffic visibility gives you actionable intelligence around the cyber threats targeting your devices, and by employing proactive monitoring, you can quickly identify unauthorized or compromised devices. Overall network visibility and monitoring can be achieved by using sensors, analyzing device logs, or utilizing a centralized network tool.
2. Supply chain sensitivity
As a manufacturer, you work closely with partners up and down the supply chain, integrating them into your infrastructure and enabling the easy transfer of data between their OT and IoT devices. But this expands the potential attack surface, increasing the risk of cyberattack. In 2021, these supply chain cyberattacks increased by 51%. Mitigate supply chain risk by securing privileged access management and implementing a Zero Trust network architecture. OT and IoT devices within the supply chain should also be continually tested and certified to ensure they comply with the relevant cybersecurity regulations and best practices, reassuring your customers and your wider ecosystem of supply chain partners.
3. Updated software
Outdated software is one of the biggest cybersecurity risks to all industries. Because many IoT devices have no other layer of cyber protection, updating their software regularly is crucial for ensuring that your devices contain the latest security patches and are able to clean up any security flaws from older software. Keep your OT and IoT devices healthy by deploying continual updates as they arise or use a centralized, automatic update management solution.
How we help
With industrial infrastructure a primary target, we have partnered with Dynics to combine our IT and OT expertise in order to better protect critical infrastructure and industrial control systems across the United States.
Our service operationalizes threat intelligence to shield your network from cyber threats.
Achieve unprecedented protection for your organization with intelligence-based network defense.