What does the digital industry need to be protected from

In modern industry, the number and prevalence of IoT / IIoT devices, "smart" machines and other equipment connected to the Internet is gradually increasing. The embedded software on which they operate can potentially contain bugs and vulnerabilities that can be used for a variety of purposes, including for new Luddism and simply extortion. Let us examine the main vulnerabilities of the “smart” industry, consider some cyber attack scenarios on it, as well as technical recommendations for protection.



At the end of May 2019 it became aware of the prepared roadmap of the end-to-end technology “Industrial Internet” in Russia. According to forecasts, the introduction of IIoT at Russian enterprises by 2024 will give an economic effect of at least 5.5 trillion rubles. The greatest value will be given to the introduction in the non-primary industry and mining - more than 1 trillion rubles for each industry. In agriculture, power industry and logistics, the effect will exceed 500 billion rubles.



The results of real implementations of IIoT solutions in the world indicate that the forecast described above is quite real. Thus, the introduction of smart components at the Smolensk NPP has reduced the time for detours by 20 times and improved the quality of observations , the economic effect is about 45 million rubles a year. For 4 months, the electronic engineering plant Techineering received a saving of 48% thanks to the installation of wireless sensors and electricity, heat and leakage meters. The positive effect of the introduction is measured not only in money - for example, the company Harley Davidson equipped all its machines and parts with radio tags to speed up the production of custom models of motorcycles. As a result of the introduction of IIoT, the production cycle was reduced from 21 days to 6 hours .

')

Comparable performance figures for the introduction of IIoT in the Russian Federation in 2017 called McKinsey and Pricewaterhouse Coopers: they predict an annual effect from 0.4 to 1.4 trillion rubles, as well as a total effect of 2.8 trillion rubles by 2025.



Thus, domestic and foreign examples, as well as financial prospects for the massive introduction of IIoT, suggest that Industry 4.0 is becoming a very real practice of today's industry.

Smart Industry Vulnerabilities

Industry 4.0 involves the full automation of production and the connection of everything and everything to the Internet. At the same time, equipment at such enterprises “communicates” with each other, and artificial intelligence, managing processes, collects data to control production stages, which makes it possible to produce higher-quality products in the most flexible and resource-saving manner.



Obviously, the higher the level of automation, the more software code is contained in the hardware firmware and the more likely it is that there are vulnerabilities in them. Firmware, of course, is not the only source of security problems for smart plants 4.0. There are more real problems. Here are some of them.



Vulnerable components

Today it is a big problem, because a significant part of these devices was developed without taking into account the security requirements of smart enterprises. According to employee surveys, outdated equipment is the main obstacle to the implementation of industrial IoT solutions. Attempts to build new systems based on old devices are faced with the problems of providing an appropriate level of protection.



Vulnerable protocols

Many protocols were created many years ago and are still used almost unchanged. However, when they were developed, there were not most of the modern threats and the networks of enterprises were isolated. As a result: according to research data, 4 out of 5 least secure protocols are industrial control protocols.



Vulnerable operators

At the enterprises of industry 4.0 people are significantly less, which proportionally reduces the number of possible targets. However, the introduction of new technologies suggests that a number of remaining employees will still have to work with new programs and data types. In conditions when you have to learn new things, a person becomes especially vulnerable to social engineering, in particular, to phishing attacks.



Vulnerable supply chains

Several companies take part in the production chain. Therefore, in order to protect one enterprise, the safety of all the production facilities connected to it, as well as all the factories connected with it, must be ensured. But since it is almost impossible to control all communications, as a result, the final level of security will be at the level of the weakest link.



Vulnerable IT Processes

In many cases, installing updates on IIoT devices is not an easy task, because some of them may simply not have a mechanism for installing updates. Another difficulty is a huge number of devices, so there is a risk to miss one or two sensors. Another problem in terms of updating is an enterprise of a continuous cycle, because in this case it is impossible to stop the technological process and pour patches on IIoT sensors .



Industrial equipment allows you to perform a huge number of different operations. At the same time all the wealth of opportunities is often not required. In the industry 4.0, the presence of unused functionality in the equipment expands the attacker's ability to attack, and ensures its secrecy: since the functionality is not used, nobody controls the operation of the equipment in this part, and penetration may go unnoticed.

Basic cyber attacks on smart enterprises

The European Union Network and Information Security Agency (ENISA) conducted a survey last year, in which the authors interviewed cyber security experts and identified 12 basic cyber attack scenarios for IIoT devices, and also formulated security measures for IoT devices in the context of smart industry enterprises 4.0. First, let's talk about attack scenarios. In the table below, each possible type of incident is assigned a degree of risk that it carries for an intelligent enterprise.







Consider some of these attacks:



- Attack on the connection between controllers and actuators: the attacker injects and runs malicious code in the system, manipulating data that is transmitted between the controller and the machine.

Impact : loss of control over technological processes, damage to the production batch and / or infrastructure.

Related threats : internal and external sabotage, manipulations with software and hardware, changes in the configuration of control devices.



- Attacks on sensors: hacking a sensor, an attacker can change its firmware or configuration, and then change the data that the sensor transmits to the control equipment.

Impact : making wrong decisions based on false data, performing a process based on incorrect measurements.

Related threats : information modification, sabotage, software and hardware manipulations.



- Attack to remote control devices (operator panels, smartphones): an attacker can hack into remote control devices, which are usually designed to perform maintenance and are not used constantly. Meanwhile, they represent a direct threat to the network, since hacking them can cause significant damage, and it is quite difficult to identify it.

Impact : obtaining full access to the system with the ability to change all parameters.

Related threats : password attacks, exploiting software vulnerabilities, intercepting sessions, information leaks.



- Malicious software spreading over the network: to penetrate it exploits vulnerabilities in firmware and operating systems. You can protect yourself by timely updating vulnerable devices and programs, but, as mentioned above, in the case of the IIoT, updating is not always possible.

Impact : IIoT provides a rich set of opportunities for intruders - by taking control of a smart thermostat, they can turn off the heating in a hospital, putting the safety of people at risk, in a metallurgical plant incorrect operation of thermostats can stop a blast furnace and simply disable it.

Related threats : exploit packs, DDoS, password attacks.



- Human errors and social engineering as a rule serve as a first step for carrying out other types of attacks: human errors and features of the human psyche make it possible to gain unauthorized privileged access to the system for installing backdoors, other malicious programs or physical access to devices. Attacks on people are harder to detect, since they are carried out using not technical, but psychological methods of influence. To improve the recognition of this type of attack, employees of the enterprise need to undergo appropriate training.

Impact : if successful, an attacker gets privileged access to the system or data necessary to conduct other types of attacks.

Related threats : erroneous use of administrative powers, improper administration or adjustment of the system, physical damage to equipment, theft of the company's intellectual property.

What is offered to provide a “smart” plant

As part of the ENISA study, an analysis of the main IIoT security topics was carried out, which were divided into three groups:

• politicians,
• organizational activities
• technical activities.

We will consider the main technical recommendations, and the full text can be found in the original work :



Trust and Integrity Management



Security measures that ensure the integrity and reliability of data, as well as set the criteria for trust in devices:

• check the integrity of the software before its launch, make sure that it is obtained in a safe way from a reliable source and has a valid EDS of the supplier;
• Authorize all IIoT devices in the enterprise network using digital certificates and PKI;
• set the communication channels between IIoT devices in the form of a white list; if possible, select only secure channels;
• implement whitelists of applications and review with each change in the system, but not less than once a year.

Machine to Machine Interaction



Identifies key storage, encryption, input validation, and security issues:

• store service encryption keys, except public keys on special servers with hardware crypto modules;
• use proven and secure cryptographic algorithms for interaction between objects with integrity checking and mutual authentication;
• choose communication protocols with protection against replay-attacks (attacks to replay old messages);
• Use white lists to validate input and protect against cross-site scripting and code injection.

Data protection



Defines measures to protect confidential data and control access to it:

• select ways to protect information in non-volatile and volatile memory, as well as during transmission and use;
• analyze the risks and assess the criticality of various types of data, based on the analysis, determine the necessary security measures;
• provide the minimum necessary access to information, document all rights issued;
• for the most sensitive data, use encryption so that only authorized persons can access it;
• impersonate and protect personal data when processing within the company; use encryption and access control, consider legal risks.

Networks, Protocols, and Encryption



Security measures that provide security by choosing the right protocols, encryption and network segmentation:

• whenever possible, use secure communication channels and encryption to interact with IIoT;
• divide the enterprise network into segments, create demilitarized zones and control traffic between segments;
• apply microsegmentation by creating small groups of components on the same network that exchange data. Control traffic between microsegments.
• if possible, separate network segments with high security requirements from business and management networks;
• Use IIoT solutions with a proven level of security, avoid acquiring and using devices with known non-fixable vulnerabilities;
• Ensure compatibility and security of device interoperability when using different protocols.

Etc.

Why is this all about?

The fourth industrial revolution will bring not only new opportunities, but also new risks. Counting savings from the introduction of fully automated enterprises, it is necessary to take into account the costs of cybersecurity. The vulnerability of a single IIoT device can be a source of problems for the whole plant. In conditions when such devices are not even hundreds, but tens and hundreds of thousands, the task of protecting them turns into a strategic one.