Managing the risk of the Internet of Things
The Internet of Things (IoT) is growing rapidly, and more devices are going online. Are industry, consumers, and the companies creating products and services and integrating the technologies ready to deal with the security that goes with protecting the devices and users? Industrial network design and best practices can help. See six steps for IoT risk mitigation.
The Internet of Things (IoT), or variations of the term, has saturated the media with stories of connected vehicles, networked wearables, home automation, and smart meters. With such significant conversation, one would think that this market was invented yesterday, but, in fact, the machine-to-machine communication that typically interfaces with the physical world via communication networks has been with us for a long time. The less flashy devices known as industrial control systems have been running our electric grids, oil pipelines, and manufacturing plants for decades. Like cloud computing, which partly owes its lineage to the mainframe timesharing concepts of the 1960s and 1970s, IoT has been rebranded.
But notwithstanding the hype, the market for connected devices is shifting. Like cloud technology, IoT is massively larger in scale than its earlier generations and is growing fast. What makes it significant, and a little scary, is its sheer ubiquity, touching consumers and businesses alike. Moreover, the use cases continue to expand from trivial or narrowly focused applications to broad-based and life-critical solutions in health care and transportation.
To understand the risk to IoT, definitions are needed. Clearly, IoT is a somewhat fluid term and owes its name more to media hype rather than to a multi-year standards process. Consequently, it has the "know it when you see it" quality. At its most basic level, IoT implies network connectivity, the use of embedded (or limited computing) devices, and, typically, involves some connection to the physical world, such as measuring temperature, blood pressure, or road vibrations. In essence, it implies network connectivity for everyday devices that traditionally were not considered computers; however, nearly every use of IoT also involves some traditional computer usage. For example, these small, embedded devices usually report their status and receive instruction from a traditional computer workstation, server, laptop, or smartphone. A typical IoT architecture might look similar to what is shown in Figure 1.
It's better to think of IoT as less a series of small devices and more of an ecosystem that requires multiple components to work correctly. The supporting components, while appearing to be normal computing devices, still need to be adjusted for the real-time nature of and massive data often associated with IoT. Computer networks need to be everywhere and optimized for the volume and velocity of the data flows. And the appropriate business logic needs to be devised for what are largely autonomous networks.
But fundamentally, IoT is about the core components that interact with the physical world. They typically include sensors to measure things like temperature, wind speed, or presence of an object. And they often include actuators that initiate actions like driving a car, turning off power, or injecting insulin. The supporting functions are often the place where the actions are determined, but for some largely autonomous devices, some of those decisions could be made independently based on the input the device receives.
While IoT is still a relatively new concept, core components have had populated industrial networks for decades, and they foretell some of the risks that could potentially be faced. Industrial networks have frequently been the subject of cyber attacks. Unlike traditional information technology components, they are often more vulnerable because many industrial networks were never designed to connect to networks that were linked to a hostile Internet. Instead, those closed networks assumed physical attacks were the threats to guard against.
In addition to interconnectivity challenges, the core industrial devices, such as programmable logic controllers (PLCs), had basic communication protocols that could crash if they received any unexpected data. Moreover, PLCs were essentially designed to process commands from whoever sent them, sometimes with little or no authentication. That meant that if the industrial networks were not sufficiently isolated or properly defended, compromise was more likely with real physical consequences.
IoT threats are real
Threats have been executed through IoT.
- Nearly two decades ago, a disgruntled former employee used network access to remotely release sewage.
- In 2007, researchers demonstrated that a generator could be destroyed by remotely opening and closing circuit breakers rapidly.
- In 2014, hackers broke into the industrial network of a German steel mill and prevented a blast furnace from shutting down.
- With respect to the more modern IoT devices, a researcher hacked his insulin pump, others managed to compromise smart meters, and, in a segment aired on "60 Minutes," Defense Advanced Research Projects Agency (DARPA) scientists remotely controlled automobile brakes.
These examples show how securing billions more of IoT devices, deploying them on a wide variety networks, and connecting some of them directly to the Internet will continue to pose great challenges.
Even with better network stacks and more rigorous cyber-security controls, the nature of many of these devices means that the robust controls that exist on typical workstations, laptops, servers, or even smartphones are unlikely to be implemented in the devices' design. Controls need to be evaluated and implemented in a different way. Moreover, these devices are incredibly diverse in application, location, and architecture. Some rely on centralized control, while others have their own intelligence and often operate autonomously.
By definition, they are connected with other networked components, which means they are at risk of being compromised, have the potential to spread infections, and serve as a platform for hackers to attack other parts of the ecosystem. That is why the risks posed by IoT are significant, because, normally, there is a level of trust that pervades the network where these live. It is the network and its scalability offer the greatest promise and the greatest risk for IoT.
Additionally, it is often the data that matters. While the idea of hacking cars to run them off the road or manipulating pacemakers to induce heart attacks may generate the headlines and Hollywood movie plots, the reality is that much of the IoT world exists simply to observe and report. Their job is to generate and forward data. In the future, much of society will rely on these passive sensors to decide when and where to grow food, where to travel, and thousands of other similar decisions. It will be the accuracy of this data, or more precisely the relative accuracy of the aggregated data, that will prove to be a critical ingredient in how our private and public lives are conducted. That data will serve as the foundation by which everything else is built and operated. And few will ever stop and think whether the underlying data is correct.
By manipulating data, hackers could threaten air, water, food supply, and personal safety. For example, the correct data will keep us from dying in car crashes when nearly all vehicles will be self-driving, heavily relying on sensor data to operate correctly. For that reason, the commands issued to IoT devices and the integrity of data received from those devices must be protected.
Learn more about steps to take with mitigating IoT risks and how to prioritize potential vulnerabilities to the system.