https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/IoTWorldToday-mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • IoT World Expo Austin
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • IoT World Expo Austin
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Thinkstock

Security framework

The Threat of Catastrophic IIoT Security Problems Grows

Increasingly, IIoT security is becoming a safety concern.
  • Written by Brian Buntz
  • 18th April 2018

As cybersecurity guru Bruce Schneier puts it, “computer security is now everything security.” As you may have guessed, the Internet of Things is the reason for the seeming omnipresence of cybersecurity.

A growing number of security professionals are coming to grips with what this fact means. A recent Deloitte study found that 40 percent of 2,471 professionals from a variety of industries believe IoT security and data management are their greatest cybersecurity challenges.

As for IIoT security, 70 percent of security professionals in the energy sector fear potential breaches that could lead to explosions and other catastrophic failures.

“In the oil and gas and electrical worlds, those guys view risk in a different scale,” said Dean Weber, chief technology officer at Mocana in an interview at the RSA Conference. “They don’t measure risk as an economic loss at the main level; They are concerned about loss of life.”

[Internet of Things World addresses the security concerns for IoT implementation in every vertical, attracting senior security professionals from the world’s biggest organizations. Get your tickets and free expo passes now.]

Yet for industrial companies, the choice to skirt cybersecurity risks by eschewing IoT is not a viable strategy in the long run. Business managers recognize operational data can help them drive efficiencies, build better business cases and even launch new business models.

And industrial-based attacks like Stuxnet have shown that attackers can compromise networks that were designed to be air-gapped. “And Stuxnet was just the beginning,” Weber said. “You had Duqu, Flamer, Gauss, BlackEnergy and components of Shamoon 2. Even BrickerBot and Mirai had object lessons for the industrial community. These devices are not secure and when you think they are by some form of isolation, that isolation can be compromised.”

While Stuxnet was unique in that it was believed to be the work of national government agencies, it may prove to be a harbinger of things to come in IIoT security. In the future, industrial companies now have to worry about malicious actors launching ransomware and cryptojacking attacks on industrial environments; there is also the concern that state-sponsored actors might be probing and attacking their network, as well. Recently, the U.S. government warned that the Russian government has been targeting critical infrastructure in the United States, including the energy sector.

With nation states building up their cyberoperations, it is worth noting the sophistication of such organizations. The 2010 Stuxnet attack, for instance, did a lot more than change damaged nuclear centrifuges by altering how fast they spin. It also fed computer monitors false information to fool operators into thinking nothing was wrong. “Stuxnet also infected other components of the system such as vibration monitors for the centrifuges,” Weber said. “They were masked. There were cameras on the floor environments to visually monitor those centrifuges that were literally shaking themselves apart. Those video camera feeds were replaying old footage during the attack.”  

That’s not all. The attack also rewrote firmware so that infected systems rebooted in a compromised condition. “The [attackers] DDoS’ed the phone system so that the field engineering personnel could not talk to the home office,” Weber said. And, what is less publicized, is the fact that the attack extended into the transportation and mining industries. “Not only were they going to take down the generation and transmission facilities, but they were going to take down the transportation of raw materials to those generation facilities and the companies mining the materials to be transported,” Weber explained.

What is perhaps more troubling is the fact that as awareness of the risk of IIoT security — and IoT security at large — grows, relatively few organizations have mature strategies for addressing it. Deloitte found that 19.4 percent of its survey respondents were “very confident” in their ability to fend off attacks.

While it is clear that IoT technology offers significant operational benefits to trailblazing organizations, the industrial professionals should keep in mind there is a corollary to the Marvel Comic dictum: “With great power comes great responsibility.” In our connected world, with great power also comes great vulnerability.

Tags: Article IIoT/Manufacturing Security Technologies Vertical Industries

Related Content


  • Caltech campus
    Robots Could Gain Sense of Touch, With New Artificial Skin
    New design can help businesses determine the presence of hazardous materials, offer greater safety for workers
  • Clearview AI Fined $9.4M Over Facial Data Scraping
    The company was ordered to delete any data it held on U.K. citizens.
  • Microsoft Ramping up Cybersecurity Service Offerings
    Three new managed services will boost the company’s presence in the security space
  • IoT Product Roundup
    IoT Product Roundup: PTC, Nokia, Arm and More
    All the latest Internet of Things products

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News

  • Meet business-wide goals with Equipment as a Service
  • Semtech Acquires Sierra Wireless for $1.2 Billion
  • IoT Product Roundup: Verizon, Microshare, SmartCow and More
  • Black Hat 2022: Sophisticated Cybercriminals, Increased Ransoms

Roundups

View all

IoT Product Roundup: Verizon, Microshare, SmartCow and More

15th August 2022

IoT Deals & Partnerships Roundup: Nokia, Accenture and More

29th July 2022

IoT Deals & Partnerships Roundup: Nokia, SoftBank, Microsoft and More

15th July 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Events

View all

IoT World Expo Austin

2nd November 2022 - 3rd November 2022

Latest Videos

View all
Image shows a road within the Curiosity Lab at Peachtree Corners

Brandon Branham, Peachtree Corners, on Smart Cities

Peachtree Corners CTO and assistant city manager chats with IoT World Today’s Chuck Martin about what’s happening at Curiosity Labs

Image shows a Beep electric autonomous shuttle

Joe Moye, Beep, on Self-Driving Shuttles

Beep’s CEO chatted with IoT World Today’s Chuck Martin about the deployment of the company’s electric autonomous shuttles

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Is MQTT becoming the de facto standard of Industry 4.0? The impact of IoT on industrial automation protocols

18th August 2022

Building trust for a connected world

25th August 2022

Is MQTT becoming the de facto standard of Industry 4.0? The impact of IoT on industrial automation protocols

18th August 2022

Special Reports

View all

Security: The Hidden Risks of Connected Devices

11th August 2022

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

🎉SPEAKER ANNOUNCEMENT ALERT!🎉 Brandon Satrom, the VP of experience engineering at @blueswireless, will speak at… twitter.com/i/web/status/1…

17th August 2022
IoTWorldToday, IoTWorldSeries

Meet business-wide goals with Equipment as a Service dlvr.it/SWn1g0 https://t.co/Ya1F8QUhpw

17th August 2022
IoTWorldToday, IoTWorldSeries

Smart Shopping Cart Startup Raises $35M dlvr.it/SWmd0Q https://t.co/qIAhJNfvDG

17th August 2022
IoTWorldToday, IoTWorldSeries

The Forrester Total Economic Impact of Lightbend Akka Platform dlvr.it/SWmcFd https://t.co/L9JSOlkiOr

17th August 2022
IoTWorldToday, IoTWorldSeries

Semtech Acquires Sierra Wireless for $1.2 Billion dlvr.it/SWmXWz https://t.co/oa2WgxyZyI

17th August 2022
IoTWorldToday, IoTWorldSeries

Robotaxi via Lyft App Launched in Las Vegas dlvr.it/SWmXT0 https://t.co/2i9bNaWRwG

17th August 2022
IoTWorldToday, IoTWorldSeries

Smart Cities Featured at IoT World in Austin dlvr.it/SWmVt7 https://t.co/I7jdnEI89w

17th August 2022
IoTWorldToday, IoTWorldSeries

📣 Join us on August 18th to explore how MQTT has been helping system integrators to overcome the challenges of hybr… twitter.com/i/web/status/1…

16th August 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X