In 2018, Tesla cars were found to be vulnerable to wireless key fob breaches, and the Medtronic CareLink 2090, a medical device for monitoring and controlling pacemaker settings, was attacked and infected by malware. Both are examples of Internet of Things (IoT) devices being compromised, exposing companies and users to physical and virtual harm.
“There are three major vectors of attack when it comes to big data,” said Joe Scotto, chief marketing officer for Indegy, which provides industrial cybersecurity solutions. “The first is an outside rogue attack, like blowing up a pipeline. This can have devastating effects on the economy.
“The second is insider threats, such as an employee inadvertently doing something wrong that triggers a security breach, like using a laptop outside of a firewall and the laptop getting infected. The third is an employee knowingly doing something wrong to sabotage the company because he or she missed out on a promotion or is unhappy.”
These attacks are serious.
“An example [of cyberattacks] is a building that contains a data center for a financial services company,” said Michael Rothschild, Indegy’s director of product marketing. “There is a security breach, and the hacker compromises a sensor on a thermostat, turning up the temperature in the data center by ten degrees, and the data center fries.”
Given the expansive exposure to new cyberattacks on IoT and big data, are companies ready?
Garrett Gross, an IT professional who works with security service providers, doesn’t think so. In an AT&T Cybersecurity blog, Gross talks about the danger of IoT and big data’s distributed network frameworks, where large processing jobs are spread across many systems to expedite processing and analytics.
“Distributed processing may mean less data processed by any one system, but it means a lot more systems where security issues can crop up,” said Gross.
Indegy’s Rothschild feels that cloud-based security and risk management might be the answer. “The cloud allows you to pool all of your data from multiple points,” said Rothschild. “When you have all of this data in one place, you can see all of the potential security threats in different places throughout your infrastructure, and act on them.”
Companies can use analytics to rank threats by the degree of risk each poses and prioritize those threats so they can immediately address the most critical ones.
Rothschild offers a use case: “An industrial pipeline can span thousands of miles. There are instances when a pump needs to be replaced or a patch must be delivered. The area the pump is in might be remote. A technician might need to get into a snowmobile to even reach the site. In cases like this, you need the ability to look across thousands of different pumps to find the one that is defective or infected.
“The same pumps, if run with software, need to be constantly updated for security. By using a cloud-based solution that can manage and give you visibility of the entire pipeline, you can immediately identify the problem and where it is located, and dispatch the assistance that is needed. The expedited response reduces your risk.”
Rothschild explained that the methodology for IoT and big data risk management was based on risk scoring, a common method used by financial services companies, which use a set of defined parameters to determine which areas of their financial portfolios are riskiest.
“The risk management analytics for an industrial IoT infrastructure also uses a set of 10 or 15 defined risk factors. It additionally allows a network or security manager to add new factors,” said Rothschild.
The algorithm in risk analysis uses a ranking of industrial security criteria that determine which areas of the industrial IoT infrastructure are at highest risk for a cyberbreach, such as a port that has been left open. Each sensor or device in an industrial infrastructure can be monitored for risk, down to the control plane of the sensor itself.
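The risk-scoring approach described above can be sketched as a weighted set of factors that a manager can extend, applied to every device and sorted so the riskiest comes first. This is an added example, not Indegy's algorithm or code from the article; the factor names, weights, thresholds and the pump inventory are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

Factor = Callable[[dict], float]  # returns 0.0 (no risk) .. 1.0 (worst)

@dataclass
class RiskModel:
    factors: dict = field(default_factory=dict)  # name -> (weight, Factor)

    def add_factor(self, name: str, weight: float, fn: Factor) -> None:
        """Register a factor; this is how a manager extends the default set."""
        if weight <= 0:
            raise ValueError("weight must be positive")
        self.factors[name] = (weight, fn)

    def score(self, device: dict) -> float:
        """Weighted average of all factors, scaled to 0..100."""
        total = sum(w for w, _ in self.factors.values()) or 1.0
        acc = 0.0
        for weight, fn in self.factors.values():
            try:
                value = min(1.0, max(0.0, float(fn(device))))
            except (KeyError, TypeError, ValueError):
                value = 1.0  # missing telemetry counts as worst case, not as safe
            acc += weight * value
        return round(100 * acc / total, 1)

    def rank(self, devices: list) -> list:
        """Highest-risk device first; ties broken by device id."""
        return sorted(((self.score(d), d["id"]) for d in devices),
                      key=lambda s: (-s[0], s[1]))

def default_model() -> RiskModel:
    # Factor names, weights and thresholds are assumptions for illustration.
    m = RiskModel()
    m.add_factor("unexpected_open_ports", 5,
                 lambda d: len(set(d["open_ports"]) - set(d["allowed_ports"])) / 2)
    m.add_factor("patch_age", 3, lambda d: d["days_since_patch"] / 365)
    m.add_factor("default_credentials", 4, lambda d: d["default_creds"])
    return m

# Constructed sample inventory (not real devices).
FLEET = [
    {"id": "pump-0017", "open_ports": [23, 502], "allowed_ports": [502],
     "days_since_patch": 400, "default_creds": False},
    {"id": "pump-0450", "open_ports": [502], "allowed_ports": [502],
     "days_since_patch": 73, "default_creds": False},
    {"id": "pump-0932", "default_creds": True},  # sensor stopped reporting
]

if __name__ == "__main__":
    for risk, dev in default_model().rank(FLEET):
        print(f"{risk:5.1f}  {dev}")
```

The device that stopped reporting ranks highest because unknown values are scored as worst case, which keeps a silent sensor from looking safe.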
Solutions like this help harden big data and IoT security and are management tools that both IT and industrial operations managers can use in managing building, equipment, and network security.
To optimize the capability, companies must train their IT and operations personnel to use these tools and also educate employees on what they can do to prevent cybersecurity threats and breaches.
“The good news is that we now know much more about cyber security risk management in industrial networks and IoT,” said Rothschild. “Ten years ago, IT and operations managers would have known little about these threats and how to manage them. Now, they know.”