Securing industrial internet of things (IIoT) devices used in critical infrastructure is a major challenge, especially against remote attacks. As we connect more critical systems and processes to the internet, the attack surface expands rapidly. Legacy architectures and protocols often have vulnerabilities that are easily exploitable from afar. To address these risks requires rethinking IIoT security from the ground up.

One approach is to analyse the problem space using threat modelling to identify vulnerabilities. Detailed attack trees can be built to map out potential attack vectors. This structured analysis reveals priorities for securing both networks and devices. Legacy security models like perimeter firewalls are inadequate for interconnected IIoT systems.

Potential solutions include:

• Leveraging software-defined networking (SDN) concepts to programmatically secure local area networks. This allows granular network configuration that eliminates many remote attack vectors.
• Applying similar principles across wide area networks to optimize performance, availability, and security. Advanced telemetry and traffic segmentation could be implemented.
• Developing a zero trust architecture where IIoT devices authenticate before accessing cloud services. This removes reliance on perimeter firewalls which have vulnerabilities.
• Isolating subsystems within IIoT devices through an architecture akin to SDN. This prevents compromise of communications even if part of the device is breached.

Together, these kinds of solutions aim to make IIoT devices secure by default against remote attacks. Challenges remain around denial-of-service resilience, physical security, and cryptographic strategies. But partitioning and isolating functions could significantly reduce risk exposure for critical IIoT infrastructure.

Similar Posts

Here are some other posts you might enjoy after enjoying this one.

Industroyer2: A Detailed Examination of the Malware

Defence in Depth for IIoT: Balancing Controls Across Architecture Levels

Safeguarding Manufacturing IP from Cyber Intrusions

The Alchemy of Assurance: Transforming SCADA and IIoT Security with IEC 62443

Industrial Communication Models: A New Lens for Evaluating IIoT Security Approaches

Vulnerabilities in Industrial IoT Devices

Industrial IoT devices have inherent vulnerabilities that make them susceptible to remote attacks. Legacy systems were designed without enough built-in security, relying instead on network perimeter defenses. Complex legacy protocols lack encryption and authentication in ways that are now exploitable.

Some key vulnerabilities include:

• Lack of encryption allowing remote eavesdropping
• Weak authentication mechanisms that enable remote impersonation
• Insecure boot processes without integrity checks for firmware and software
• Monolithic system designs without partitioning or isolation of functions
• Inadequate protection against denial-of-service attacks
• Poor safeguards for data integrity and system availability

These vulnerabilities provide openings for various attacks such as intercepting operational data, manipulating control functions, disrupting availability, or infiltrating malware. Legacy perimeter defenses like firewalls and IDS are inadequate to protect against sophisticated remote threats.

New IIoT devices often integrate with legacy systems, expanding the attack surface. Security needs to be addressed across management interfaces, machine-to-machine communications, and human-machine interactions.

Network-Level Mitigations

Applying software-defined networking (SDN) principles helps mitigate remote attacks at the network level. SDN allows granular control over traffic flows based on zero trust principles.

Key network-level mitigations include:

• Microsegmentation and network zoning to isolate critical assets
• Encryption across LANs and WANs to prevent eavesdropping
• Dynamic access control policies instead of static perimeter defenses
• Monitoring east-west traffic patterns within the network
• Built-in redundancy and high availability configurations
• Server cloaking and decoys to obscure production assets

SDN controllers dynamically optimize paths based on security policies not just basic connectivity. They can also feed telemetry data to SIEMs and SOAR platforms to better detect anomalies.

For wide area networks, SD-WAN overlays provide encryption along with fine-grained control over quality of service. This limits an attacker's ability to move laterally and access critical nodes remotely.

Of course, the network is only as secure as its endpoints. But network-level mitigations create compartments to protect against broad compromise.

Device-Level Mitigations

Securing the network is not enough - attention must also be paid to hardening IIoT devices themselves. Partitioning and isolation strategies at the device-level can mitigate remote exploits.

Key device-level mitigations include:

• Hardware-based separation of subsystems with controlled interfaces
• Encrypting data flows between internal components
• Immutable firmware and software images to prevent tampering
• Attestation of device integrity before network admission
• Minimizing exposed services and access points
• Protocol whitelisting to constrain permitted traffic

Cryptographic coprocessors can provide root of trust functions isolated from main application processors. Sensitive data like keys should only exist in partitioned secure areas.

Hardened network interface controllers help mitigate DoS and malware attacks from traversing the perimeter. Read-only firmware and software prevents many compromise vectors.

Device-level defenses make exploitation more difficult for an attacker even if perimeter controls fail. A layered security model is needed rather than relying on just one approach.

Additional Considerations

Beyond technical controls, securing IIoT also requires attention to physical security, lifecycle management, and defence in depth.

Additional considerations include:

• Physical access protections like locks, alarms, and video surveillance
• Security-focused procurement policies for new systems
• Asset inventory and network mapping to understand dependencies
• Vulnerability management throughout the system lifecycle
• Diversity of security controls to avoid single points of failure
• Ongoing personnel training for security awareness

Supply chain risks should be assessed, especially for outsourced hardware and software. Legacy devices and unpatchable systems may need isolation or replacement.

No single mitigation can make IIoT infrastructure bulletproof. The most robust approach combines many different technical and organizational measures for defence in depth.

Conclusion

Securing industrial IoT systems against remote threats requires a ground-up approach. Legacy perimeter defenses and vulnerable protocols cannot provide adequate protection.

A robust security strategy involves:

• Threat modelling to identify priority risks
• Network segmentation and zero trust architectures
• Device hardening through isolation and cryptography
• Ongoing lifecycle management
• Defense in depth controls for resiliency

While challenges remain, techniques like software-defined networking offer many tools to limit an attacker's ability to move laterally and compromise industrial assets.

As IIoT expands, taking a proactive approach to security is critical. This will require coordination across OT, IT, and cyber-physical domains. Security must become a foundational priority rather than an afterthought.