Automation, Industry 4.0, and the Internet of Things – security was never as important as now
For years, the wide array of malicious software was primarily associated with personal computers and workstations managed by large organizations. Along with the new programmable logic controllers, microcontrollers, and eventually, the implementations of the Internet of Things, appearing in the varying industry, as well as, the strategic segments, we have faced a new challenge. Currently, we must secure not only bank accounts and vulnerable data, but also the industrial infrastructure, the entire factories, production works, the efficiency of which, determines the people’s fate.
Security in the post-Stuxnet era
It is definitely not an easy task, as the highly automated industry, utilizing the Internet of Things, is often a target of far-fetched campaigns, often sponsored by governments. The breakthrough moment, which opened the world’s eyes to the issue, was obviously the Stuxnet worm campaign, started in 2009. On a daily basis, it turned out that the entire segment of the economy can be paralyzed – at the time being the Iranian Uranium enrichment program – solely with the use of the software that could infect the programmable logic controllers.
The Industry 4.0 concept, enforced an entirely new class of systems – the Internet of Things – in the installations of large production works. Systems assorted of simple, highly specialized devices, often decentralized and reacting to events in a highly automated manner, are the next phase of the development of production for many. However, it enlarges attack surface – the Internet of Things devices are often much more versatile than the PLC that were infected by Stuxnet.
The number of attacks on the IoT has increased by 300% in 2019
The IoT security has an absolutely strategic significance, it is essential in the process of the automation of industry, its evolution towards Industry 4.0 and further. The research shows, that the attackers and their principals are well aware that the potential is there. The seizure of supply chains or global ransomware campaigns are challenges that are difficult to compare with the threats that await users of personal computers and smart phones. We are talking about campaigns that often paralyze the administration of entire cities, halt production, and generate enormous losses.
Research conducted by F-Secure sheds more light on the scale of the assailants, the results of which have been published in the „Attack Landspace H1 2019” report. In 2019, we have recorded more than a 300% increase of the number of attacks on the infrastructure of the widely perceived Internet of Things, in comparison to the previous year. It is worth noting, that we are talking solely about the disclosed attacks, where the targets were aware of the incident. The estimated number of penetrations is difficult to determine – the F-Secure experts claim, that it is between millions and billions. What is important, it is almost 100% automated – the infections are performed by bots.
A common issue is the incompetent or outdated implementation of the Internet of Things elements. Often, the administrators omit the IoT security, assuming that the infrastructure will not be connected to the internet. This may lead to conclusions, that there is no necessity for employing encrypted communication protocols between IoT devices. The result? Even 30% of the attacks were aimed at the non-encrypted Telnet protocol communication.
Industry 4.0 – can the Internet of Things be secure?
UPnP was also a popular target, therefore, the protocol that was supposed to make the use of devices easier, by eliminating the necessity of its configuration almost entirely. One may see, that in the case of securing the Internet of Infrastructure, convenience never goes along with security, similar to using outdated and unsafe protocols and software, such as the aforementioned Telnet and UPnP. So, what must be done, so that the implementation of advanced electronics in industry could support it without increasing the area of attack?
High quality software and hardware, efficient policies on the distribution of software updates with particular considerations of security patches, and the compliance with the effective norms, will definitely help increase the Internet of Things security. A good practice is also to shut down all the services’ devices and interfaces, that will not be used in a particular scenario. An enormous potential, that lies at the crossroads of industry and advance electronics, should not be impeded by threats resulting from systemic malpractices.