What the digital industry needs to be protected from
In modern industry, the number and prevalence of IoT / IIoT devices, smart machines and other equipment connected to the Internet is gradually increasing. The firmware on which they operate can potentially contain errors and vulnerabilities that can be used for a variety of purposes, including for New Luddism and simply extortion. We will analyze the main vulnerabilities of the “smart” industry, consider some scenarios of cyberattacks on it, as well as technical recommendations for protection.
At the end of May 2019, it became known about the prepared roadmap for the end-to-end Industrial Internet technology in Russia. According to forecasts, the introduction of IIoT in enterprises of the Russian Federation by 2024 will give an economic effect of at least 5.5 trillion rubles. The greatest value will be provided by the introduction of non-primary industry and mining - more than 1 trillion rubles for each industry. In agriculture, electricity and logistics, the effect will exceed 500 billion rubles.
The results of real implementations of IIoT solutions in the world indicate that the forecast described above is quite real. Thus, the introduction of smart components at the Smolensk NPP allowed a 20-fold reduction in round-trip time and an increase in the quality of observations , the economic effect being about 45 million rubles a year. Radio-electronic plant "Engineering"in 4 months I received 48% savings due to the installation of wireless sensors and meters for electricity, heat and leaks. The positive effect of the introduction is not only measured in money - say, Harley Davidson has equipped all its machines and parts with RFID tags to speed up the production of custom motorcycle models. As a result of the introduction of IIoT, the production cycle was reduced from 21 days to 6 hours .
In 2017, McKinsey and Pricewaterhouse Coopers called comparable performance figures for the implementation of IIoT in the Russian Federation: their forecasts show an annual effect of 0.4 to 1.4 trillion rubles, as well as a total effect of 2.8 trillion rubles by 2025.
Thus, domestic and foreign examples, as well as the financial prospects of the mass introduction of IIoT, indicate that industry 4.0 is becoming a very real practice in today's industry.
Smart Industry Vulnerabilities
Industry 4.0 involves the complete automation of production and the connection of everything to the Internet. At the same time, the equipment at such enterprises “communicates” with each other, and the artificial intelligence that controls the processes collects data to control the stages of production, which makes it possible to produce better products in the most flexible and resource-saving manner.
Obviously, the higher the level of automation, the more software code is contained in the firmware of the equipment and the more likely that they have vulnerabilities. Firmware, of course, is not the only source of security problems for smart factories in industry 4.0. There are much more real problems. Here is some of them.
Today this is a big problem, because a significant part of these devices was developed without taking into account the security requirements of smart enterprises. According to employee surveys, outdated equipment is the main obstacle to the implementation of industrial IoT solutions. Attempts to build new systems on the basis of old devices face problems of providing an appropriate level of protection.
Many protocols were created many years ago and are still used almost unchanged. However, when they were developed, there was not much of the modern threat and the enterprise networks were isolated. As a result: according to research, 4 of the 5 least secure protocols are industrial control protocols.
At industry enterprises, 4.0 people are significantly fewer, which proportionally reduces the number of possible targets. However, the introduction of new technologies suggests that a number of remaining employees will still have to work with new programs and data types. In conditions when you have to learn something new, a person becomes especially vulnerable to social engineering, in particular, to phishing attacks.
Vulnerable supply chains
Several companies are participating in the product supply chain. Therefore, in order to protect one enterprise, the safety of all production facilities connected to it, as well as all plants associated with it, must be ensured. But since it is almost impossible to control all communications, as a result, the final level of security will be at the level of the weakest link.
Vulnerable IT Processes
In many cases, installing updates on IIoT devices is not an easy task, as some of them may simply not have an update installation mechanism. Another difficulty is a huge number of devices, so there is a risk of missing one or two sensors. Another problem in terms of updating is continuous cycle enterprises, because in this case it is impossible to stop the technological process and upload patches to IIoT sensors .
Industrial equipment allows you to perform a huge number of different operations. Moreover, all the wealth of opportunities is often not required. In industry 4.0, the presence of unused functionality in equipment expands the capabilities of attackers to attack, and ensures its stealth: since the functionality is not used, no one controls the operation of the equipment in this part, and penetration may go unnoticed.
Major cyber attacks on smart enterprises
The EU Network and Information Security Agency (ENISA) conducted a study last year , in which the authors interviewed cybersecurity experts and identified 12 main cyber attack scenarios for IIoT devices, as well as formulated security measures for IoT devices in the context of smart enterprises in industry 4.0. First, let's talk about attack scenarios. In the table below, each possible type of incident is assigned the degree of risk it carries for a smart enterprise.
Consider some of these attacks:
- Attack on the connection between controllers and executive devices: an attacker injects and runs malicious code in the system, manipulating the data that is transmitted between the controller and the machine.
Impact :loss of control over technological processes, damage to a batch of products and / or infrastructure.
Related threats : internal and external sabotage, manipulations with software and hardware, changes in the configuration of control devices.
- Attacks on sensors: having cracked a sensor, an attacker can change its firmware or configuration, and then change the data that the sensor sends to control equipment.
Impact : making wrong decisions based on false data, performing a process based on incorrect measurements.
Associated threats : information modification, sabotage, manipulations with software and hardware.
- Attack on remote control devices (operator panels, smartphones):an attacker can hack remote control devices, which are usually designed to perform maintenance and are not used constantly. Meanwhile, they pose a direct threat to the network, since breaking them can cause significant damage, and it is quite difficult to identify it.
Impact : gaining full access to the system with the ability to change all parameters.
Related threats : password attacks, exploitation of software vulnerabilities, session hijacking, information leakage.
- Malicious softwarespread over the network: they use vulnerabilities in firmware and operating systems for penetration. You can protect yourself by timely updating vulnerable devices and programs, but, as mentioned above, in the case of IIoT, updating is not always possible.
Impact : IIoT provides a rich set of opportunities for attackers - taking control of a smart thermostat, they can turn off the heating in the hospital, jeopardizing the safety of people, the malfunctioning of thermostats in a metallurgical plant can stop a blast furnace and simply disable it.
Related threats : exploit packs, DDoS, password attacks.
- Human error and social engineeringAs a rule, they serve as the first step for carrying out other types of attacks: human errors and features of the human psyche make it possible to gain unauthorized privileged access to the system for installing backdoors, other malicious programs, or physical access to devices. Attacks on people are more difficult to detect, since psychological, rather than technical, methods are used to carry them out. To improve the recognition of this type of attack, employees need to undergo appropriate training.
Impact : If successful, the attacker gains privileged access to the system or the data necessary for other types of attacks.
Related threats :erroneous use of administrative powers, improper administration or system configuration, physical damage to equipment, theft of intellectual property of the company.
What is proposed to provide a smart factory
As part of the ENISA study, an analysis of the main IIoT security topics was carried out, which were divided into three groups:
- organizational activities
- technical activities.
We will consider the main technical recommendations, and the full text can be found in the original work :
Trust and Integrity Management
Security measures that ensure the integrity and reliability of data, as well as set criteria for trusting devices:
- check the integrity of the software before running it, make sure that it is obtained in a safe way from a reliable source and has a valid digital signature of the supplier;
- authorize all IIoT devices in the enterprise network using digital certificates and PKI;
- Set communication channels between IIoT devices as a white list. if possible, select only safe channels;
- implement whitelists of applications and review each time you change the system, but at least once a year.
Inter-machine communication security
Defines key storage, encryption, input verification and protection issues:
- store service encryption keys, except for public keys on special servers with hardware crypto modules;
- Use proven and secure cryptographic algorithms for interaction between objects with integrity checking and mutual authentication;
- choose communication protocols with protection against replay attacks (attacks on the replay of old messages);
- Use white sheets to verify input and protection against cross-site scripting and code injection.
Defines measures to protect confidential data and control access to them:
- choose the methods of information protection in non-volatile and non-volatile memory, as well as during transmission and use;
- analyze the risks and assess the criticality of various types of data, based on the analysis, determine the necessary security measures;
- provide the minimum necessary access to information, document all rights granted;
- for the most sensitive data, use encryption so that only authorized persons can access it;
- Impersonate and protect personal data when processing within the company; use encryption and access control, consider legal risks.
Networks, Protocols, and Encryption
Security measures that provide security by choosing the right protocols, encryption and network segmentation:
- if possible, use secure communication channels and encryption to interact with IIoT;
- divide the enterprise network into segments, create demilitarized zones and control traffic between segments;
- apply micro-segmentation to create small groups of components on the same network that communicate. Control traffic between microsegments.
- if possible, separate network segments with high security requirements from business and management networks;
- Use IIoT solutions with a proven level of security, avoid acquiring and using devices with known fatal vulnerabilities;
- make sure that devices are compatible and secure when using different protocols.
Why is this all?
The fourth industrial revolution will bring not only new opportunities, but also new risks. When calculating the savings from introducing fully automated enterprises, it is imperative to consider the costs of cybersecurity. Vulnerability in just one IIoT device can be a source of problems for an entire plant. In conditions when there are not even hundreds of such devices, but tens and hundreds of thousands, the task of protecting them becomes a strategic one.