Securing smart devices in OT environments

Issue 8 2021 Information Security, Security Services & Risk Management, Industrial (Industry)


Joe Robertson.

The Industrial Internet of Things (IIoT) is all about connecting people, processes and assets. Traditionally, devices in OT (operational technology) environments have been isolated or connected directly to an industrial control system. IIoT gives these devices a link to the Internet. Now that these devices have been 'brought to life’, users can interact with them in realtime, draw data from them and analyse that data via statistical or predictive analysis. The value from that intelligence is priceless and the opportunities are endless.

Benefits include improved operational efficiency because IIoT devices can reduce troubleshooting time from days to minutes, reduced maintenance costs via preventive maintenance using sensors that can detect when equipment will soon break down, optimised procurement planning and scheduling, improved safety and enhanced customer experience.

In addition, advances in IIoT technology coupled with the rise of 5G will allow organisations to strengthen all of these benefits. So, what are the different ways that critical industries are using 'smart' stuff/devices?

Oil and gas

IIoT devices can be found across the oil and gas industry value chain, from upstream exploration and production to refining and downstream distribution. And in demanding environments such as offshore platforms, small IIoT networks can be used for rig or cargo-ship monitoring, reducing the billions of dollars lost each year to non-productive time (NPT). In the midstream sector, advanced sensors are being implemented to surveil various parameters of the pipeline to detect potential leaks or breaches.

Manufacturing

Using the IIoT approach of digital twins, manufacturers can virtually replicate a product or process, enabling them to analyse the efficiency of a system, make predictions and forecasts and help them create a better version of their products. In production lines, sensors, cameras and data analytics can determine, through predictive maintenance, when a piece of machinery will fail and can help managers plan maintenance and service schedules before a problem occurs. Smart devices can optimise shared costs in the value chain by tracking and tracing inventory in realtime, providing visibility and projections to supply-chain managers of available materials, the arrival of new materials and works in progress.

Power and utilities

The power and utilities sector embraces IIoT for smart water and gas management and smart grids. In smart water management, optimising water usage is key. Sensors can track parameters such as water pressure, temperature, quality and consumption, enabling utility companies to analyse the data as well as use it for billing purposes. Consumers can monitor their water consumption, decreasing water waste.

With smart grid, smart meters can monitor electricity consumption and transmission in realtime, which allows for more efficient, demand-based electricity generation and distribution. They can also alert electricity companies of power outages, allowing them to react at speed and restore services quickly. Finally, smart meters are a critical element of the decentralised power model by facilitating the growth of energy sources, such as solar panels and wind turbines, furthering efficiencies in production and distribution.

Transportation and logistics

The transportation and logistics sector is becoming smarter and safer thanks in part to IIoT with applications such as public transport management, fleet management and track and trace. In public transport management, IIoT solutions include passenger information and display systems, integrated ticketing systems, live vehicle tracking and more. With fleet management, IIoT devices are embedded in the vehicles to monitor their condition and driver behaviour, which informs of idle times and driving style. Track and trace uses IIoT sensors to track goods and manage them properly, ensuring that goods are in the right vehicle and on the way to the right destination.

Smart cities

Smart cities display some of the most exciting applications of IIoT from smart lighting to smart traffic to smart waste and smart parking, all ensuring that cities are cleaner, safer, more organised and economical for their residents. By managing, monitoring and automating connected streetlights - processes like brightness levels and consumption - cities can decrease costs and improve sustainability.

IIoT-enabled traffic monitoring can help manage traffic flows efficiently to decrease congestion and improve road safety. With smart waste solutions, sensors are installed in containers, enabling waste collectors to track waste levels, optimising schedules and routes. Finally, smart parking lots can interact with smart vehicles to provide up-to-date information on open space availability.

With various industries increasingly relying on IIoT smart stuff to monitor, track and manage various assets and predict, prevent and control a number of incidents, a vital question arises: Are smart devices implicitly safe to use and trust?

Smart doesn’t imply secure in OT environments

In fact, being smart just makes you more attractive to hackers. With each new smart device introduced into the network, the risk increases because each device is a potential new entry point for attack. Adding to this equation is 5G, which, although more secure than its predecessors, makes for a whole new playground for hackers. Additional security will still be needed.

Making smart devices in OT environments secure

When securing any system that includes smart devices, there are three important factors to consider:

1. Visibility: Having a comprehensive view of the system and its components to understand which devices are connected to the network and whether they are operating normally. Knowing what is connected to the network is basic cyber-hygiene, because you can’t protect what you can’t see.

2. Prevention: IIoT devices often have limited connectivity needs and segmentation should be used to restrict access. Application-aware firewalls can ensure that only authorised protocols and applications are allowed. Intrusion prevention can detect and block attempts to scan for vulnerabilities or security holes and prevent any attempt to exploit those vulnerabilities. For the IIoT infrastructure and ecosystem, since most communication is via REST APIs, detecting and stopping any attempts to gain access or exploit these APIs must be a high priority.

3. Recognising when a smart device has been compromised: Following a successful intrusion, there is a reconnaissance period during which the attacker will try to gather as much information as possible about the environment, identify high-value assets and determine how best to monetise the breach. This means that there is a short window of opportunity to detect the breach, identify the compromised devices and remove them from the network to contain and block the attack.

Solutions such as anti-botnet, compromise detection and user and entity behaviour analysis are designed to detect a cyberattack as soon as it happens. Adding security orchestration, automation and response (SOAR) technology can take this information and perform automated investigation and response to identify, isolate, or remove compromised devices before any damage is done.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
Strategies for combating insider threats
Information Security Security Services & Risk Management
In Africa, insider threats pose an increasingly significant risk to businesses, driven by economic uncertainty, labour disputes, and rapid digital transformation. These threats can arise from various sources, including disgruntled employees and compromised third-party service providers

Read more...
World-first safe K9 training for drug detection
Technews Publishing SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Five tech trends shaping business in 2025
Information Security Infrastructure
From runaway IT costs to the urgent need for comprehensive AI strategies that drive sustainable business impact, executives must be prepared to navigate a complex and evolving technology environment to extract maximum value from their investments.

Read more...
Kaspersky’s predictions for 2025 APT landscape
Information Security
The 2025 advanced persistent threat (APT) includes the rise of hacktivist alliances, increased use of AI-powered tools by state-affiliated actors – often with embedded backdoor – more supply chain attacks on open-source projects.

Read more...
SecurityHQ certified B-BBEE Level 1: Delivering global services from a local entity
SecurityHQ Information Security
SecurityHQ, a global managed security services provider (MSSP) with an office in South Africa, has announced it can now offer local companies a complete managed cybersecurity service from a Level-1 B-BBEE accredited and 51% black-owned service provider.

Read more...
2024, the year of Fraud-as-a-Service
Information Security
A report from AU10TIX outlines how ‘the industry’s dark engine’ offers user-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes.

Read more...
The future of endpoint security
Information Security
Endpoint security is a critical pillar of cybersecurity, especially for South African businesses, which are becoming prime targets for cybercriminals. Endpoint security involves safeguarding devices connected to a network from a range of cyberthreats.

Read more...
Not enough businesses take cybercrime seriously
Information Security
Interpol recently revealed that cybercrime, specifically ransomware incidents, cost the South African economy up to 1% of the country’s GDP, while the Council for Scientific and Industrial Research estimated the loss at R2,2 billion a year.

Read more...