Securing IoT environments: A key pillar of Industry 4.0

By: Itzik Feiglevitch, IoT Product Manager | Monday, May 31 2021 - 15:30 IWST

Business and factory closures, staff being made redundant or furloughed, disrupted working patterns: the pandemic has had a huge impact across the industrial and manufacturing sectors, and their supply chains.

The shockwaves of this impact on both supply and demand of manufactured goods are still being felt: for example, automotive manufacturing output is still reduced as a result of global computer chip shortages.  

However, advances in industrial and manufacturing technology have helped to overcome some of the physical-distancing obstacles imposed by the pandemic – such as the widespread adoption of IoT devices, which enables remote monitoring and control of key assets in critical infrastructure, industrial control systems (ICS) and manufacturing systems. These advances – referred to as ‘Industry 4.0’ – support new levels of machine-to-machine communications to help automate and streamline processes.

But as networks have expanded hugely, with tens of thousands of new, intelligent devices being added, the IoT devices themselves and the extended connectivity that supports them open up a range of new security vulnerabilities and risks. Hackers are only too willing to exploit those vulnerabilities.

IBM's 2021 X-Force Threat Intelligence Index found that cyberattacks on manufacturing, energy and healthcare sectors doubled in 2020 compared to 2019.  

Every time a smart device is added to the network, the network's attack surface expands. This is because connected devices are often inherently vulnerable and easy to attack. This explains why 67% of U.S. enterprises have already experienced a security incident related to IoT devices. And with an estimated 18 billion IoT devices in use by the end of 2022, it’s critical that organisations implement security measures to prevent and block these attacks before they get out of control.

IoT devices are weak links

So why are IoT devices often vulnerable to attack? Simply because in many cases, they were not designed or made with security in mind. They frequently run on legacy or proprietary software that was not designed with built-in security. They have weak default or hardcoded passwords that are easy to bypass. They lack sufficient user, data and system authentication capabilities.

Their software cannot be updated or patched frequently, due to access limitations, concerns over downtime or the need to re-certify systems. 

In the case of IoT devices and operational technology (OT) systems used in critical infrastructure or manufacturing, they often use outdated operating systems such as Windows XP or Windows 7. Hackers know these operating systems are an Achilles’ heel because they are no longer supported, and it is extremely difficult and costly to update mission-critical devices that run on them.

This has made these devices a prime target for tailored APT attacks, malware, phishing and ransomware attacks that usually start on the IT network, because they’re a weak link in the security chain. IoT devices and OT systems are an especially enticing target for attackers who use ransomware because they know that businesses would rather pay the ransom than face having the machine offline — or worse, taken down completely. 

You can’t secure what you can’t see

While IoT and OT environments in organisations are growing increasingly complex, traditional IT security solutions have fallen far behind. One of the biggest challenges is knowing exactly what devices an organisation has connected to its networks. Research has shown that 61% of IT teams have no or low confidence in knowing exactly which devices are connected to their network.

If they don’t even know what’s on their network, IT teams cannot be expected to know what those devices do, or what they are connected to – let alone if they have flaws that could be exploited, or what type of protection they need. In short, IT and security teams are working in the dark.

So the starting point for protecting complex Industry 4.0 networks is for teams to get complete visibility of the risks their networks are exposed to. They need an easy way to determine what devices they have and determine their vulnerabilities and risk.  

Then, they need to be able to monitor the IoT and OT protocols and commands, so they can determine if the systems are connecting and communicating properly. With this knowledge, teams can then create security policies designed for IoT and OT systems that can prevent security breaches and keep up with the latest threats.

All this has to be done without impacting security operations.  Security must be easy for organisations to deploy with automated protection that does not impact day-to-day operations.

Securing everything

With these points in mind, organisations need a security approach which can not only identify any IoT device in any environment on the network, but also assess its risk status and deliver the appropriate security needed to protect both the device and the network it communicates with.  

Their security solution should deliver these functions:

IoT discovery and risk analysis: The solution should be able to discover all IoT assets and determine their security risks and vulnerabilities. It should also give a single-console view of all assets, classified based on their risk level with the ability to drill down for a risk analysis per asset.  

Recommend Zero Trust segmentation security policies: Based on visibility of all assets and risks, the solution should suggest Zero Trust security policies customised per device to instantly minimise risk exposure. This can save months of manual policy configuration and ensure IoT assets are secured immediately when they connect to the network. It also blocks unauthorised access to and from IoT devices.

Threat prevention to protect against the latest threats: As we pointed out earlier, many IoT devices have inherent vulnerabilities that cannot be patched or updated. The solution should enable you to protect all devices against known and unknown zero-day attacks through virtual patching.

In conclusion, as the number of IoT devices in industrial and enterprise environments continues to grow, so does the importance of implementing security solutions, practices, and controls that can identify and protect these devices. Inadequate security controls on these devices and the networks they connect to leave organisations at significant risk of data breaches, operational disruption, and revenue loss.

With advanced solutions that offer the capabilities outlined above, organisations will be fully prepared to secure their IoT estates, and protect their Industry 4.0 deployments.
