Skip to navigation Skip to content

The Risk of Industrial IoT Sensor Compromise

Minute Read

From personal activity trackers to coffee pots that turn on from a smartphone, the Internet of Things continues to make life more efficient in numerous ways.

The growth of IoT isn’t just limited to the consumer market.

The Industrial Internet of Things (IIoT) continues to expand as well as organizations find new ways to leverage IoT to monitor and manage different aspects of inventory, manufacturing and operations.

A 2018 survey from McKinsey found that 98% of business leaders had included IIoT initiatives in their strategic road maps. 

New call-to-action

The growth of IIoT

Just as the use of IoT devices has exploded for personal use, the Industrial Internet of Things market has been growing steadily as well.

IoT sensors may be used to monitor equipment from a single centralized location. This enables organizations to better monitor devices and respond to potential issues as operators are alerted and to address issues the moment a sensor shows evidence of abnormal activity.

For example, a manufacturer might use IIoT sensors to monitor the vibration of equipment and thereby better understand when it is in need of maintenance. 

Of the many types of IIoT sensors available today, the following are frequently used to continuously monitor computer and industrial systems:

  • Vibration
  • Gas
  • Temperature
  • Humidity
  • Security

Deployment of IIoT sensors can dramatically reduce an organization’s maintenance cost and improve its maintenance schedules. Having the ability to respond to issues as soon they are discovered minimizes both further damage and lost production time.

An additional benefit of IIoT sensors is the ability to automate tracking of device status and maintenance schedules. Automated reporting can determine when a particular component requires maintenance activities and raise an alert, thereby streamlining the process and reducing overhead costs associated with tracking maintenance needs manually.

Cyber risks of IIoT compromise

There are numerous benefits associated with utilizing IIoT sensors for remote monitoring and management, but significant risks exist as well.

In order to be managed effectively, IIoT sensors must be connected to the Internet, and therefore any insecurity in the IIoT sensor will leave it vulnerable to a cyber attack.

In addition, IoT devices tend to be extremely insecure. IoT manufacturers often prioritize time-to-market over security, resulting in a market flooded with insecure, Internet-connected devices.

This issue was highlighted by the Mirai botnet attack, which compromised hundreds of thousands of insecure IoT devices by utilizing a list of 61 default passwords.

IIoT devices are often manufactured by the same organizations that produce consumer IoT devices, and therefore they share the same poor security. These security shortcomings can result in significant threats for organizations that rely on the IIoT sensors to monitor critical components.

Some sample threats include:

  • Ransomware infections denying access to critical systems
  • Attackers collecting sensitive operational data from devices
  • Stuxnet-like malware designed to damage physical devices

Locking down IIoT devices

The first step in securing IIoT is for an enterprise to simply understand what devices are connected to its network.

It is shocking how many organizations - private and public alike - do not have ready access to this information.

One way to mitigate cyber risk is to have all IIoT devices operate on a network separate from that of the main organization; however this is not always possible or practical.

Another option is to lock down unauthorized access to the IIoT devices is the use of a virtual private network (VPN); however, VPN technology is usually implemented as software, which may not be feasible for IIoT sensors.

Attila’s GoSilent provides comprehensive protection in an easy-to-use package. This compact, physical VPN and firewall device deploys easily with plug-and-play functionality.

Using GoSilent, an organization can immediately secure any IIoT device’s Internet connection with an IPSec tunnel connected to a VPN server located within the organization’s network.

With appropriate precautions, IoT sensors can be a major asset instead of a cybersecurity liability.

Learn more about Attila Security’s cybersecurity solutions for enterprise applications.

Learn how GoSilent Cube can secure legacy IoT devices