When it comes to disruptive technologies the Industrial Internet of Things (IIoT), using edge computing to enhance manufacturing and industrial processes, is right at the head of the pack. Unfortunately, the IIoT is also a top-of-the-agenda goal for attackers eager to target smart sensors and related devices for financial gain or amusement.
"The proliferation of machine learning technology in IIoT environments is pushing and driving ahead the adoption of edge computing architectures," said Paolo Emiliani, a research analyst manager and security specialist at Positive Technologies, an IT security products and services provider. Smart devices can process tasks and react quickly by interpreting behavior and acting locally, Emiliani explained, such as "running basic commands such as turning a circuit on or off or adjusting a valve."
Yet an emerging generation of interconnected smart devices also presents a rich new target for attackers, Emiliani noted. "Lots of connected IIoT devices contain well-known, exploitable vulnerabilities," he observed. "Additionally, it's difficult to figure out which devices are interconnected into an organization’s network and [to] know how to mitigate different risks."
IIoT security risks are multiplying rapidly. Threats include devices that have been secretly reconfigured to perform unwanted functions, such as participating in DDOS attacks or directly attacking enterprise assets. "For instance, an attack on a building management system in a data center could have dire consequences if the attack disables cooling to a company’s network equipment," said Michael Bendis, a senior associate at Syska Hennessy Group, a global consulting and engineering firm.
Data integrity-focused attacks pose yet another danger. "Edge devices are typically sensors, such as gas meters or thermometers, that generate data used by other systems for decision making," explained Andrew Howard, CTO of cybersecurity firm Kudelski Security. If an attacker is able to modify such data, it can potentially have significant adverse effects on production, billing, safety, and other key enterprise interests.
Securing the edge requires an understanding of attack vectors, noted Simon Crosby, CTO of SWIM.AI, an edge intelligence software company. "It's crucial that any solution protect the edge from the cloud or enterprise network, protect the enterprise and cloud from compromised edge devices, protect itself by being able to securely attest to the state of the system at boot and beyond using hardware security mechanisms and protect data in flight across the edge fabric," he said.
Emiliani observed that ensuring reliable edge device security requires careful planning. "In a correct edge architecture, there should be a gateway between the industrial endpoints and the rest of IT or process networks," he said. "This way, communication is interrupted at the gateway and translated into a different protocol up to the data centers."
Ideally, manufacturers should design their edge devices to comply with current cyber security best practices. "These best practices include concepts such as least privilege, defense-in-depth, and access control," Howard said. "Unfortunately, in the industrial space, legacy devices are everywhere and are difficult to secure due to up-time requirements and, often, cost." Since many legacy devices were designed without security in mind, they tend to be easy targets. "In these situations, the best practice is to tightly control communications to and from these legacy devices and to monitor them closely until they can be upgraded or replaced," Howard stated.
Restricting physical access to edge devices is another important security measure. "If possible, install devices in secured spaces instead of public or semi-public spaces," Bendis suggested. If a device must be located in a vulnerable place, protect it by placing it inside a secured cabinet equipped with a vandal-proof housing. "Additionally, cabling to the device should be secured to the device and installed in a conduit if run in unsecured spaces," he added.
A common mistake many IIoT adopters make is assuming that an "air gap" can serve as a security panacea. "By putting their device on a closed network that's not connected to the Internet, the operator feels secure," Howard said.
Although "air gapping" a system theoretically makes connectivity more difficult for attackers, it doesn't relieve the operators from their security responsibilities. "Stuxnet showed us that the air gap could be bridged and, in reality, we find that many air-gapped systems are not really disconnected from the Internet," Howard said. Frequently, a change is made to the IIoT network that inadvertently opens a path to external exposure. "Additionally, since these systems require software upgrades, the air gap is bridged all the time with temporary Internet connections or with portable media," Howard noted.
Another big mistake is the use of inappropriate edge devices. "Many times, devices geared for the residential market are used in an industrial setting because they are cheaper, easier to procure and easier to install," Bendis observed. "However, the tradeoff is they are much less secure on many levels and are in no way suitable for industrial use."
A final point
IIoT edge device risks can be greatly reduced by implementing a few basic security measures, such as physically securing devices, not using default passwords and disabling unused services/ports, Bendis said. "These measures are relatively easy to implement, but significantly increase security," he noted. "Furthermore, coordinating with a firm’s in-house IT expertise prior to implementing edge computing devices is a prudent measure that has little cost but can greatly enhance security."