By Paula Livingstone on July 11, 2023, 4:45 p.m.
Securing industrial internet of things (IIoT) devices used in critical infrastructure is a major challenge, especially against remote attacks. As we connect more critical systems and processes to the internet, the attack surface expands rapidly. Legacy architectures and protocols often have vulnerabilities that are easily exploitable remotely. Addressing these risks requires rethinking IIoT security from the ground up.
One approach is to analyse the problem space using threat modelling to identify vulnerabilities. Detailed attack trees can be built to map out potential attack vectors. This structured analysis reveals priorities for securing both networks and devices. Legacy security models like perimeter firewalls are inadequate for interconnected IIoT systems.
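The attack-tree analysis mentioned above can be made mechanical. The following is an added example, not code from the original post: a small evaluator that computes the cheapest attacker route through an AND/OR attack tree and then greedily ranks which leaf to mitigate first by how much closing it raises the attacker's minimum effort. The tree shape, node names and effort scores are constructed for illustration; a real exercise would populate them from the organisation's own threat model.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Added example, not from the original post: a small attack-tree evaluator
# used to rank mitigations. Node names and effort scores are constructed.


@dataclass
class Node:
    name: str
    kind: str = "leaf"                  # "leaf", "or" (any child suffices) or "and" (all children needed)
    effort: int = 0                     # constructed attacker-effort score for a leaf
    children: List["Node"] = field(default_factory=list)


def leaves(node: Node) -> List[Node]:
    """All leaf nodes beneath `node`, in tree order."""
    if node.kind == "leaf":
        return [node]
    out: List[Node] = []
    for child in node.children:
        out.extend(leaves(child))
    return out


def min_effort(node: Node, mitigated: Set[str]) -> Optional[int]:
    """Cheapest effort for an attacker to reach `node`, or None if every
    route is closed by the leaves named in `mitigated`."""
    if node.kind == "leaf":
        return None if node.name in mitigated else node.effort
    efforts = [min_effort(c, mitigated) for c in node.children]
    if node.kind == "or":
        reachable = [e for e in efforts if e is not None]
        return min(reachable) if reachable else None
    if node.kind == "and":
        return None if any(e is None for e in efforts) else sum(efforts)
    raise ValueError(f"unknown node kind {node.kind!r}")


def mitigation_plan(root: Node) -> List[str]:
    """Greedy plan: repeatedly close the leaf whose mitigation raises the
    root's minimum attacker effort the most, until the goal is unreachable."""
    mitigated: Set[str] = set()
    plan: List[str] = []
    while (base := min_effort(root, mitigated)) is not None:
        candidates = [leaf.name for leaf in leaves(root) if leaf.name not in mitigated]

        def gain(name: str) -> float:
            new = min_effort(root, mitigated | {name})
            return (float("inf") if new is None else new) - base

        best = max(candidates, key=gain)   # first maximum wins on ties
        mitigated.add(best)
        plan.append(best)
    return plan


def build_tree() -> Node:
    """Constructed example tree for a remote attacker targeting a controller."""
    return Node("Change controller setpoints remotely", "or", children=[
        Node("Unauthenticated write over a legacy protocol", effort=2),
        Node("Pivot through engineering workstation", "and", children=[
            Node("Obtain operator credentials", effort=4),
            Node("Reach workstation from corporate network", effort=3),
        ]),
        Node("Exploit internet-exposed HMI", effort=5),
    ])


if __name__ == "__main__":
    tree = build_tree()
    print("minimum attacker effort:", min_effort(tree, set()))
    print("mitigation order:", mitigation_plan(tree))
```

On the constructed tree the cheapest route is the unauthenticated legacy write (effort 2), so that leaf is ranked first; the exposed HMI comes next, and only then does closing one half of the AND branch make the goal unreachable. The ranking is greedy rather than optimal, which is usually acceptable for prioritisation but worth stating when the output feeds a budget decision.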
Potential solutions include:
Together, these kinds of solutions aim to make IIoT devices secure by default against remote attacks. Challenges remain around denial-of-service resilience, physical security, and cryptographic strategies. But partitioning and isolating functions could significantly reduce risk exposure for critical IIoT infrastructure.
Vulnerabilities in Industrial IoT Devices
Industrial IoT devices have inherent vulnerabilities that make them susceptible to remote attacks. Legacy systems were designed without enough built-in security, relying instead on network perimeter defenses. Complex legacy protocols lack encryption and authentication in ways that are now exploitable.
Some key vulnerabilities include:
These vulnerabilities provide openings for various attacks such as intercepting operational data, manipulating control functions, disrupting availability, or infiltrating malware. Legacy perimeter defenses like firewalls and IDS are inadequate to protect against sophisticated remote threats.
New IIoT devices often integrate with legacy systems, expanding the attack surface. Security needs to be addressed across management interfaces, machine-to-machine communications, and human-machine interactions.
Applying software-defined networking (SDN) principles helps mitigate remote attacks at the network level. SDN allows granular control over traffic flows based on zero trust principles.
Key network-level mitigations include:
SDN controllers dynamically optimize paths based on security policies, not just basic connectivity. They can also feed telemetry data to SIEM and SOAR platforms to better detect anomalies.
For wide area networks, SD-WAN overlays provide encryption along with fine-grained control over quality of service. This limits an attacker's ability to move laterally and access critical nodes remotely.
Of course, the network is only as secure as its endpoints. But network-level mitigations create compartments to protect against broad compromise.
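To make the zero-trust, compartmentalised flow control described above concrete, here is an added example that is not code from the original post: a toy controller that maps addresses to zones by longest-prefix match, allows only flows on an explicit allow-list (everything else, intra-zone traffic included, is dropped), records every decision as the kind of telemetry a controller would stream to a SIEM, and derives a simple lateral-movement indicator from the deny events. Zones, addresses, ports and sample flows are all constructed.

```python
from dataclasses import dataclass, asdict
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional

# Added example, not from the original post: an SDN-style flow policy
# engine applying default deny between zones, plus the telemetry a controller
# would forward to a SIEM. Zones, addresses, ports and flows are constructed.


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str
    dport: int
    description: str


# Constructed zone map; corporate is the /8 catch-all, so prefix length decides.
ZONES = {
    "corporate":   ip_network("10.0.0.0/8"),
    "engineering": ip_network("10.10.0.0/24"),
    "control":     ip_network("10.20.0.0/24"),
    "historian":   ip_network("10.30.0.0/24"),
}

# Constructed allow-list. Any flow, intra-zone included, that matches no rule is dropped.
RULES = [
    Rule("engineering", "control",   "tcp", 502,  "engineering workstation to controller (Modbus/TCP)"),
    Rule("control",     "historian", "tcp", 4840, "controller to historian (OPC UA)"),
    Rule("corporate",   "historian", "tcp", 443,  "corporate read-only dashboards"),
]


def zone_of(addr: str) -> Optional[str]:
    """Longest-prefix match of an address to a zone name."""
    ip = ip_address(addr)
    for name, net in sorted(ZONES.items(), key=lambda kv: kv[1].prefixlen, reverse=True):
        if ip in net:
            return name
    return None


class Controller:
    def __init__(self, rules: List[Rule]) -> None:
        self.rules = rules
        self.telemetry: List[Dict] = []     # events a real controller would stream to a SIEM

    def decide(self, flow: Flow) -> str:
        src_zone, dst_zone = zone_of(flow.src), zone_of(flow.dst)
        for rule in self.rules:
            if (rule.src_zone, rule.dst_zone, rule.proto, rule.dport) == (src_zone, dst_zone, flow.proto, flow.dport):
                self.telemetry.append({"action": "allow", "rule": rule.description, **asdict(flow)})
                return "allow"
        self.telemetry.append({"action": "deny", "src_zone": src_zone, "dst_zone": dst_zone, **asdict(flow)})
        return "deny"

    def suspicious_sources(self, threshold: int) -> List[str]:
        """Sources denied towards at least `threshold` distinct destinations,
        a simple lateral-movement indicator derived from the deny telemetry."""
        denied: Dict[str, set] = {}
        for ev in self.telemetry:
            if ev["action"] == "deny":
                denied.setdefault(ev["src"], set()).add(ev["dst"])
        return sorted(src for src, dsts in denied.items() if len(dsts) >= threshold)


SAMPLE_FLOWS = [  # constructed
    Flow("10.10.0.5", "10.20.0.7", "tcp", 502),
    Flow("10.20.0.7", "10.30.0.2", "tcp", 4840),
    Flow("10.0.5.9",  "10.30.0.2", "tcp", 443),
    Flow("10.0.5.9",  "10.20.0.7", "tcp", 502),
    Flow("10.0.5.9",  "10.20.0.8", "tcp", 502),
    Flow("10.0.5.9",  "10.20.0.9", "tcp", 22),
    Flow("10.20.0.7", "10.20.0.8", "tcp", 502),
]


def run_sample():
    ctl = Controller(RULES)
    decisions = [ctl.decide(f) for f in SAMPLE_FLOWS]
    return decisions, ctl.suspicious_sources(3)


if __name__ == "__main__":
    decisions, flagged = run_sample()
    for flow, d in zip(SAMPLE_FLOWS, decisions):
        print(d, flow)
    print("flagged sources:", flagged)
```

The last sample flow is controller-to-controller inside the control zone and is still denied: in a zero-trust model the compartment boundary is the rule set, not the subnet. The corporate host that is allowed to reach the dashboards but then probes three controllers is what the deny telemetry surfaces for the SIEM.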
Securing the network is not enough; attention must also be paid to hardening IIoT devices themselves. Partitioning and isolation strategies at the device level can mitigate remote exploits.
Key device-level mitigations include:
Cryptographic coprocessors can provide root of trust functions isolated from main application processors. Sensitive data like keys should only exist in partitioned secure areas.
Hardened network interface controllers help stop DoS traffic and malware from crossing the perimeter. Read-only firmware and software close off many compromise vectors.
Device-level defenses make exploitation more difficult for an attacker even if perimeter controls fail. A layered security model is needed rather than relying on just one approach.
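The root-of-trust and partitioning ideas above can be shown end to end in a simplified secure-boot flow. This is an added example, not code from the original post: a stand-in "secure element" holds the verification key and a monotonic anti-rollback counter, and the application-processor bootloader only ever receives a verdict, never the key. HMAC-SHA256 is used in place of a real signature scheme so that the example runs on the standard library alone; in a real design the device would hold only a public key and the signing key would stay offline. All keys, versions and firmware images are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Added example, not from the original post: a simplified secure-boot flow in
# which a "secure element" holds the verification key and anti-rollback
# counter and the application processor only ever sees a verdict. HMAC-SHA256
# stands in for the signature scheme so the example runs on the standard
# library; a real device would hold only a public key. All keys and images
# are constructed.


@dataclass(frozen=True)
class Manifest:
    version: int
    image_sha256: bytes
    tag: bytes            # authenticator over version || image hash


class SecureElement:
    """Stand-in for a cryptographic coprocessor. The key never leaves it."""

    def __init__(self, key: bytes, min_version: int = 1) -> None:
        self.__key = key
        self.min_version = min_version      # monotonic anti-rollback counter

    def _tag(self, version: int, image_hash: bytes) -> bytes:
        msg = version.to_bytes(4, "big") + image_hash
        return hmac.new(self.__key, msg, hashlib.sha256).digest()

    def sign_manifest(self, version: int, image: bytes) -> Manifest:
        """Build-time signing (kept in the same object purely for the demo)."""
        h = hashlib.sha256(image).digest()
        return Manifest(version, h, self._tag(version, h))

    def verify_manifest(self, m: Manifest) -> str:
        if not hmac.compare_digest(self._tag(m.version, m.image_sha256), m.tag):
            return "bad signature"
        if m.version < self.min_version:
            return "rollback"
        return "ok"

    def commit_version(self, version: int) -> None:
        """Advance the anti-rollback floor once an image has been accepted."""
        self.min_version = max(self.min_version, version)


def boot(se: SecureElement, manifest: Manifest, image: bytes) -> str:
    """Bootloader on the application processor: refuse anything the secure
    element does not approve, and refuse an image that does not match its manifest."""
    verdict = se.verify_manifest(manifest)
    if verdict != "ok":
        return f"refused: {verdict}"
    if not hmac.compare_digest(hashlib.sha256(image).digest(), manifest.image_sha256):
        return "refused: image hash mismatch"
    se.commit_version(manifest.version)
    return "booted"


def demo() -> dict:
    """Run the four cases a bootloader must get right; all inputs constructed."""
    se = SecureElement(b"constructed-demo-key-not-a-real-secret")
    image_v2 = b"constructed firmware image v2"
    good = se.sign_manifest(2, image_v2)
    results = {"genuine": boot(se, good, image_v2)}
    results["tampered_image"] = boot(se, good, image_v2 + b"\x00")
    forged = Manifest(3, hashlib.sha256(b"constructed rogue image").digest(), bytes(32))
    results["forged_manifest"] = boot(se, forged, b"constructed rogue image")
    old = se.sign_manifest(1, b"constructed firmware image v1")
    results["rollback"] = boot(se, old, b"constructed firmware image v1")
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:16} -> {outcome}")
```

Two points the example makes that the prose only implies: the image hash is checked separately from the manifest signature, so a valid manifest cannot be replayed with a different image, and the anti-rollback counter only advances after a successful boot, so a correctly signed but older image is refused once a newer one has run.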
Beyond technical controls, securing IIoT also requires attention to physical security, lifecycle management, and defence in depth.
Additional considerations include:
Supply chain risks should be assessed, especially for outsourced hardware and software. Legacy devices and unpatchable systems may need isolation or replacement.
No single mitigation can make IIoT infrastructure bulletproof. The most robust approach combines many different technical and organizational measures for defence in depth.
Securing industrial IoT systems against remote threats requires a ground-up approach. Legacy perimeter defenses and vulnerable protocols cannot provide adequate protection.
A robust security strategy involves:
While challenges remain, techniques like software-defined networking offer many tools to limit an attacker's ability to move laterally and compromise industrial assets.
As IIoT expands, taking a proactive approach to security is critical. This will require coordination across OT, IT, and cyber-physical domains. Security must become a foundational priority rather than an afterthought.