The Internet of Things (IoT) will continue to play an essential role in the digital business strategies for enterprises. In fact, many industrial enterprises are planning to invest more in IoT implementations to reduce costs, create new business models and meet changing customer expectations.
However, as enterprises continue to make investments in industrial IoT, there is a need to ensure those devices’ airtight cybersecurity at every stage of the manufacturing workflow. With this in mind, below are four tips for enterprises to secure their industrial IoT networks.
Implement System-Wide Protection, Visibility and Asset Maps
The first step of network security is fully understanding the breadth and scope of the devices employed in your network–and industrial IoT devices are no exception. Some manufacturers provide detailed specifications of their devices’ expected behavior and resource use, while others don't. Additionally, many IoT systems use proprietary protocols and have limited built-in processing and storage capabilities, requiring communication with connected backend infrastructure to function effectively. A helpful approach is to implement network visibility to investigate the communications of these devices and identify them based on what they share outside of your network.
Once an organization has fully determined the capabilities of its IoT devices and network capacity, it should create a specific plan to protect its network that is tailored accordingly while adhering to best practices. One example is to harden devices and set up additional security to protect the network against outside threats that risk shutting down operations.
Watch Out for DDoS Attacks
If not well defended against, distributed denial-of-service (DDoS) attacks pose a serious risk to manufacturers using IIoT devices. A DDoS attack has the potential to shut down operations for as long as the attack endures, costing serious production delays and opening the door to even worse cyberattacks. IIoT devices are also a frequent target for malware that can take over their processing power and increase the strength of attackers’ botnets, which have become more and more powerful as of late.
Moreover, DDoS attacks are growing more sophisticated as threat actors innovate new attack methods to get around traditional defenses, including by adapting attack vectors in response to known defenses. Manufacturers are at particular risk as NETSCOUT’s latest Threat Intelligence Report shows that computer and computer storage manufacturers saw attacks surge by as much as 263% during the second half of 2021.
To protect against attacks today, IT and security teams need the ability to inspect both inbound and outbound packet data. By comparing inbound traffic data against global threat intelligence feeds, organizations can make sure that requests are legitimate and, in the event of a DDoS attack, quickly activate protection measures. On the flip side, analyzing outbound traffic data at the network edge allows organizations to identify potentially compromised devices and act as a last line of defense if other cybersecurity tools fail.
Segment Your Network and Protect Your Firewall
Another fundamental way to protect your network from external traffic and help limit the impact and scope of cyberattacks is through network segmentation and firewalls. Segmentation makes sure that not every device is granted access to the entire system. Typically, cybercriminals use IoT devices as entry points to move freely across the network, so segmentation keeps particular types of devices siloed off to enhance security.
It also helps to improve visibility and simplify the classification of different device types–which organizations can use to create risk profiles and relevant security policies for device groups. Furthermore, segmentation prevents hackers from moving laterally across networks, so they can only inflict damage on systems they breach rather than the whole network.
While firewalls are an essential part of network security, in an IIoT environment, they cannot be relied on by themselves for industrial use. For example, security teams would need to deploy an internal firewall at every IIoT connection point and then regulate the policies and configurations across hundreds to thousands of firewalls, creating a nearly unmanageable situation. Nonetheless, firewalls help control information flow between network segments, thereby helping secure your industrial IoT network.
Secure Your Data by Encrypting It
In addition to segmentation and firewalls, encrypting your data provides a pragmatic way to secure complex industrial IoT systems. End-to-end encryption ensures that only those with a decryption key can use it to access the information as it crosses over the network. And while it may seem apparent, it’s imperative to create, rotate and backup passwords with random characters to ensure maximum data security. Additionally, access controls should be applied at the connectivity layer using firewalls or data diodes.
Finally, be sure to practice regular audits and monitoring to ensure that all steps are working as established, everyone has proper access and validation, and operations can continue to operate without incident. Keeping these pain points in mind helps industrial enterprises protect their data in transit between the device and service infrastructure.
As mentioned above, investments in industrial IoT networks offer many benefits to enterprises, such as reduced costs, new business models and the adaptability to meet changing customer expectations. But as with any advancement in technology, with new possibilities come new perils, and industrial enterprises must continue to be vigilant regarding cybersecurity best practices in order to unlock the IoT’s immense potential.
Richard Hummel is a threat intelligence lead at NETSCOUT.