It is estimated that by 2025 there will be more than 30 billion IoT connections worldwide, equating to 4 IoT devices per person, with trillions of sensors connecting and interacting on these devices. Globally, this represents a huge attack surface and given the wide variety of standards being utilised by these devices, the IoT landscape is fast becoming one of the most complex ecosystems for cybersecurity teams to manage.
IoT devices include innovations such as smart fridges, smart lightbulbs, and smart mirrors in the home environment, and smart furniture, smart cameras, and smart locks in the office environment. The benefits that these devices present are clear: they provide end-users with increased connectivity, efficiency and productivity, and organisations with reduced costs. However, because these devices have minimal endpoint security, are extremely difficult to patch, and are barely visible on the IT management system, they cannot be effectively monitored, even though they are just as vulnerable to cyberattack, if not more so.
As power grid operators leverage IoT to drive efficiency in the OT side of their organisations, the same security vulnerabilities that plague the home and office environments are carried over to the OT environment, where a cyberattack can have far more immediate and devastating repercussions. In fact, with IT and OT convergence gaining rapid momentum in the power grid, cyber attackers know that they can shut down both the IT and OT sides of the power grid with just one swift attack.
The fact is that IIoT is still emerging and many technologies and standards have yet to be finalised, so determining where the security vulnerabilities are and how they can be managed is no easy task. We know that Denial of Service, Malware, Passive Wiretapping, Structured Query Language Injection, Wardriving, and Zero Day Exploits have all played a part in compromising IIoT landscapes across multiple sectors including manufacturing, transport, healthcare and banking.
So, what’s in store for the power grid and how can we proactively prepare to manage the rapidly growing power grid IIoT landscape and its mushrooming attack surface?
Here is a 23-point action plan recommended by Chuck Brooks, Global Thought Leader in Cybersecurity and Emerging Tech:
1) Use an established IoT Cybersecurity framework that draws on industry experience and best practices such as those provided by NIST
2) Do a vulnerability assessment of all devices connected to your network both on premises and remote
3) Create an IoT/Cybersecurity incident response plan
4) Compartmentalize IoT devices to minimize attack surfaces
5) Add security software, containers, and devices to “digitally fence” network and devices
6) Monitor and share threat intelligence
7) Scan all software for vulnerabilities in networks and applications
8) Update and patch vulnerabilities to both networks and devices
9) Do not integrate devices into your network with default passwords and other known vulnerabilities
10) Establish privileged access for device controls and applications
11) Use strong authentication and perhaps biometrics for access control
12) Use machine authentication when connecting to a network
13) Encrypt IoT communications, especially for data in transit
14) Use strong firewalls
15) Use secure routers and Wi-Fi
16) Use multi-layered cybersecurity protections, including antivirus software
17) Back up all data
18) Consider Managed Security and outside subject matter experts
19) Consider Cloud security as a service
20) Integrate emerging technologies for protections including machine learning/artificial intelligence
21) Continually audit and use real time analytics including predictive analytics
22) Implement security awareness training for all employees
23) Be Vigilant
Please enjoy this week’s selection of news, views and resources below, and feel free to share this newsletter with colleagues in other departments, and peers in other organisations.
News, Views & Resources
REPORT: ENISA. Guidelines for Securing the Internet of Things.
This ENISA study defines guidelines for securing the supply chain for IoT. Establishing a secure supply chain across the IoT ecosystem is a fundamental building block for IoT security. The supply chain lays the foundation of IoT device security, because the majority of these devices are composed of a multitude of components from different suppliers (both hardware and software). At the same time, supply chains present a weak link for cybersecurity because organisations cannot always control the security measures taken by supply chain partners. The key guidelines of the report are to: 1) Forge better relationships between actors, 2) Further cultivate cybersecurity expertise, 3) Adopt security by design principles, 4) Take a comprehensive and explicit approach to security, 5) Leverage existing standards and good practices.
REPORT: Woodside. Industrial Internet of Things.
This report on the Industrial Internet of Things (IIoT) provides an overview of the market, its drivers, the industry structure, start-ups as well as established players. It is intended to be used by start-ups and growth-stage companies, VC & PE investors as well as Corporate Development teams and provides key information to assist those developing & implementing IIoT strategies. This report covers in some detail: 1) IIoT smart sensors, 2) IIoT gateways & networks, 3) IIoT platforms, 4) IIoT data analytics.
REPORT: Keyfactor. Five Guiding Tenets for IoT Security.
In theory, IoT has the promise to be more secure than traditional IT, where humans and manual processes are typically the weakest link in the environment. That said, once a breach occurs within a machine-controlled network, the potential damage is exponentially more powerful, disruptive, and damaging. Not only can IoT devices be misused, but hackers can also compromise or sabotage data, triggering actions that are erroneous and destructive. The promise of IoT security rests in our willingness to learn important lessons from our experience in IT security and to apply them to both the unique requirements and anticipated needs of the IoT. The potential of IoT security hinges on our ability to build a solid foundation across the IoT ecosystem, consisting of devices built with security and the necessary properties to ensure it endures.
REPORT: Nozomi. OT-IoT Security Report.
As society deals with the second year of the COVID-19 pandemic, organizations are accelerating digitization to survive and thrive. This places more focus on operational systems, which are at the heart of value and revenue creation. Adding to challenges, cybersecurity is ranked by executives as the second highest risk to enterprises, and attacks on critical infrastructure are rated as the fifth highest global risk by the World Economic Forum. To help security teams and operators of OT and IoT environments, this report provides an overview of the most significant threats and vulnerability trends of recent months. It also provides actionable insights and recommendations for securing operational systems. We encourage organizations to focus on security fundamentals and to assess their security posture against the threats and vulnerabilities described in this report for enhanced operational resilience.
VIDEO: Darktrace. Industrial IoT Security: What is IT/OT convergence? Why does it matter for cyber security?
Industrial IoT Cyber Security. The cyber-physical fusion, or IT/OT convergence, has exponentially increased the speed, scale, and ROI of industrial processes, greatly benefiting industries such as manufacturing, shipping and supply chain. Yet, at the same time, this convergence also opens new doors to attackers, ultimately allowing cyber-attacks to more directly affect industrial processes. In this video we discuss how a cyber-physical ecosystem opens the door to a cyber-physical threat, such as the recent EKANS ransomware.