On May 25th, the FBI recommended that all U.S. households and small businesses reboot their internet routers, due to infection by Russian malware. In March, we had reports of Russia hacking U.S. critical infrastructure sectors, including energy, nuclear, water and critical manufacturing facilities. At the same time, the Industrial Internet of Things (IIoT) network connections for energy and utilities increased 41 percent in the last year. With all of these new connections one might wonder if facilities are making themselves, and the citizens that rely on them, more vulnerable to attacks.
Just as every immunization contains a harmless dose of a pathogen, the IIoT can be used to protect against infrastructure hacks. The key is continuously monitoring machines using platforms and sensor technology that can help gauge real-time network/asset health and security. Continuous monitoring acts as a facility’s immune system, discovering anomalies and alerting operators of breaches before they become infections. Here’s how critical infrastructure leaders can leverage the IIoT to prevent future attacks.
Monitor, Notify, Eradicate
As utility providers rapidly adopt the IIoT, real-time network monitoring and regularly scheduled security updates are imperative to keeping the public safe from the meddling of malicious entities. Command and control centers within these critical facilities are the prime target for hackers to manipulate in order to make it appear systems are running normally. Integrations with trusted partners capable of remotely monitoring assets and notifying facility leaders when an anomaly is detected can be leveraged as additional security and they are essential to an effective IIoT strategy.
When Stuxnet, an elaborate worm, targeted Iran’s uranium enrichment facility in Natanz they compromised the facility’s main PLC (Programmable Logic Controller). This worm caused the main centrifuges to spin faster and longer than they were designed to thereby sabotaging their operations. Stuxnet was effective because it manipulated the PLCs to display that the machines were functioning as intended.
If the facility had a third party system, that monitored the centrifuges in real time, and was detached from the PLC, they could have detected a discrepancy between the controller’s output and the machine’s behavior and eradicated the worm.
Using the IIoT to Secure Connected Systems
While the IIoT may not be the first line of defense against intruders—a duty that belongs to a host of security protocols—the IIoT can help mitigate damage when intruders manage to break through barriers and infect systems. For example, Bloomberg’s report of recent Russian hacks on U.S. infrastructure notes another breach affected a nuclear power plant:
“While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.”
This is precisely the circumstance where the IIoT can step in and assist in keeping systems running and alerting the proper entities when critical assets change from their normal operating conditions – or cease functioning altogether. With advancements in cloud computing power, connectivity, and sensor technology, implementing continuous diagnostics is more readily available than ever. With continuous diagnostics, utility providers should have access to an independent system that continuously monitors equipment and provides real-time updates on the health and operation of their mechanical assets. The moment a system or asset changes its behavior, operators need to know not only that something has changed, but also have insights into the root cause of the change.
The Duplicitous Promise of Increased Connectivity
Our reliance on connectivity and automation has shifted the way we view and assess risk. Every generational leap in technology brings with it concerns of misuse and negative potential. Yet every time we sided with the positive, and doubled-down on innovation, humanity reaped the benefits. We cannot be afraid to leverage technology to support our aging infrastructure and protect against nation-state actors.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.