The IoT / OT challenge
“No one wants hackers to turn off power supply, nor change product compilations or steal data.” – Wim De Smet, CTO @ Orange Cyberdefense
The challenge with IoT and OT devices is that they aren’t designed with security in mind. Many operational devices, for example, run for 30 years, whereas their software is often outdated after 10. IoT devices, in turn, often lack security by design. This means that the code that runs on them isn’t secure most of the time. Translation: they are easily compromised.
Besides, IoT and OT devices carry very important data you don’t want to lose. Just think of patient data in healthcare, ID information or secret recipes. Data itself is a new economy. It has great value and power which you don’t want to share with malicious actors.
Industry: productivity or security?
Production is often given priority over security. But networks have changed. Whereas operational technology used to be separated from the IT network, it is now often connected to it. This makes it easier to report measurements, for example, but it might have a negative effect on your security.
As the corporate network and the OT network are merging, security needs to be strengthened. And yes, if you don’t add the required security controls, you might experience downtime and data leakage. Security stands for uptime, not downtime. We need to cut out the assumption that it is the other way around.
How to secure your OT network?
It is highly recommended to proactively monitor for vulnerabilities and to segment your network. You can put your devices in separate VLANs to reduce the attack surface.
If you want to give third parties access to these OT networks for support or measurements, we advise you to use a Virtual Desktop Infrastructure (VDI) solution that disconnects the third party from the OT network. If you want to have audit trails, you could also log the activities on these VDI clients.
You need to create visibility too. This can be done through specialized industrial control system monitoring tools that give you more insight into which assets (e.g. PLCs, SCADA, DCS) are active on your OT network and what they are doing.
Healthcare: what about third-party IoT devices?
A lot of healthcare organizations rely on third-party healthcare IoT devices. These devices often send information to third-party platforms, which means you give away part of your control and data.
How to secure your IoT network?
Be very careful about which devices you allow to access your network and to communicate with each other. Not all of them should be able to communicate. That is why we recommend segmentation of your IoT network through a next-generation firewall. Next-generation firewalls can also identify command & control traffic and scan for other vulnerabilities.
The majority of IoT and OT devices collect statistics and send them to a central environment. Many of these central environments are hosted in the cloud and thus accessible by anyone from anywhere. This means that Multi-Factor Authentication is a must for these solutions.
Then, last but not least, we advise you to also protect the central environment against DDoS attacks with an MQTT broker.
Orange Cyberdefense can assist you in designing this central infrastructure in a scalable, redundant and secure way, whether it is hosted in the cloud or on-premise.
Prevent, Detect and Respond
So far, there have already been several security incidents with IoT/OT devices. Most of the time, this results in shutting down production. This might seem far removed from your business, but don’t forget that such incidents can happen to you too. It might not be tomorrow, but you’d better be prepared.
So, apart from prevention and detection capabilities, you also need to have a good response process in place. You want the impact of a breach to be as low as possible to guarantee continuity and your good brand name.
Orange Cyberdefense helps you map your risk. Don’t hesitate to contact our experts.