Recommendations to ensure security in Industrial IoT

Every day there are more IoT devices connected, receiving and sending data continuously. What's more, in just a decade it is estimated that there will be 50 billion devices using this technology, according to Statista figures.

While this is a huge quantitative leap in the amount of data that companies handle, it is also a risk, as cyber-attacks are likely to grow at the same rate.

It is precisely the connectivity offered by industrial IoT devices that is one of their main weaknesses in edge and IoT security, as it is these connections that can be exploited for a cyberattack. Until now, industrial equipment has been isolated and without access to the Internet. By connecting them to the network, they suddenly become vulnerable.

What's more, the industrial environment is particularly vulnerable, as it uses protocols with a low level of security. This exposes it to risks of cyberattacks and vulnerabilities from the moment it connects to the outside via IoT.

However, although the IoT sector has not yet developed all the necessary security, it is possible to access the expertise of the IT world in the field of cybersecurity and Internet security. In this way, it is possible to secure industrial environments when they are connected to the Internet.

The variety of IoT devices in the industrial sector today and their interconnectedness means that a security breach can involve a whole network of devices that is potentially hackable. The interconnection is in fact so effective that, at the enterprise level, many processes are becoming completely dependent on this technology.

This is compounded by the relative immaturity of the IoT industry, which means that cybersecurity is not perceived as a priority, and the complexity of managing a distributed, remote and extremely heterogeneous environment.

However, IoT security issues can translate into serious mishaps such as user and business privacy intrusions, phishing , and process sabotage .

IoT Device Security Threats for Enterprises

The most common consequences of IoT security breaches are as follows:

• Memory leaks
• Buffer Overflow Vulnerabilities
• Access to devices on the edge or local plane
• Information Theft
• Data manipulation
• - Alteration of the operation of the equipment
• - Denial of Service
• - Access to systems and data in the Cloud

The three main threats and risks can lead to the following actions:

Data Theft

IoT devices store and transfer an enormous amount of data (much of it sensitive information), which can be intercepted in an attack and used in blackmail or phishing.

Thus, hacking devices with simpler security devices (e.g., IoT-connected printers or cameras) can seriously compromise a user's privacy.

IoT security can also be compromised if attackers gain access to a user's geolocation information by tracking their movements.

Control of the devices

The IoT device security can also be compromised if cybercriminals take control of a device or a chain of devices. For individual users, this could mean, for example, taking control of a home security alarm; businesses, meanwhile, could see their assembly lines sabotaged in an attack.

DDoS Attacks

There is the possibility that attacks are aimed at sabotaging processes through DDoS attacks. In this case, cybercriminals take control of devices and, through network requests, block the system.

Where security breaches occur in industrial IoT

Each of the three levels of an IoT project's value chain can be threatened at different times:

Security at the edge or local plane is the closest level to the physical world: the devices. In other words, it is the "T" in IoT devices. This includes both the set of sensors and actuators that interact with the physical world, as well as the gateways, hubs, and other IoT nodes that communicate locally with the physical world.

To prevent edge security risks, secure boot of devices and unique certificates for each device are essential.

The communications network. This is the highway that connects data from the local to the remote plane and vice versa, linking the physical world with the digital world of the Internet. In this case, proper encryption of communications prevents potential attacks.

The cloud or remote plane, which is the "I" in the IoT concept. This plane is responsible for collecting, processing and exploiting the data it receives, although it is very common that part of the processing and intelligence on local data is done in the "edge"itself (the so-called "edge computing").

The IoT cloud encompasses the set of servers, databases, and remote analytics and visualization platforms that give meaning and value to the data, and is also the primary communication interface with the human consumer of this data.

It is in the cloud where IT companies have been most focused on providing security, so attacks are more likely to occur on devices at the edge.

Factors that increase security threats in Industrial IoT

Obsolete equipment or lack of upgrades

Devices that are not updated are vulnerable to new threats, as software companies often work to eliminate vulnerabilities in updates. Therefore, it is essential to update the firmware, the software of the devices. What's more, the IoT device is the most vulnerable element of the entire security chain, due to the lack of firmware updates.

In addition, it is necessary to check that the devices do not come from the factory with limited security, in which case they need to be optimized.

Questionable network services

Devices withunsecured network services can be the breach for attacks to slip through. It is common for this to take place on network services running in the background, which are rarely used.

In this sense, too much connectivity between computers is less secure: more connectivity means more exposure to the Internet and more potential for cyberattacks.

Insecure passwords

Simple or easily found passwords compromise access to devices against malicious attacks.

Misconfiguration in external tools

Cloud servers, APIs, and edge security issues can translate into attacks that affect the entire network of IoT devices.

Weaknesses in encryption systems

Poor encryption can also compromise IoT security.

Tips and recommendations for securing IoT devices

IoT security requires taking a series of actions in which the entire chain must be engaged: from the design and installation of the devices to their maintenance and use .

Design recommendations

IoT security requires incorporating the concept of security and privacy by design. Requirements for vendors include that devices obey industry-standard protocols, that their devices are patchable, and that they address known vulnerabilities.

With regard to devices, it is essential to have per-device connection certificates, which limit the risk of an attack at the local level.

Installation, connectivity and encryption

During the installation, connectivity and encryption processes, measures such as:

• Modify default security settings, including passwords
• Assess network connectivity for potential security breaches
• Eliminate unnecessary functions by disabling any device or connection that will not be used.
• Ensure that all communications are encrypted using a proven cipher suite that can withstand common attacks.
• Implement network segmentation and isolation to prevent the spread of attacks. In this regard, it is also essential to ensure a secure network architecture by configuring routers with DMZ or VLANs.

Data Management

Data privacy is one of the challenges for IoT security. This includes establishing protocols for deleting information that has become obsolete or useless.

Similarly, it is recommended to implement secure authentication and encryption methods for any connection between IoT devices, ensuring security in storing and sending data.

It is also recommended to create backups that allow data and operating systems to recover from crashes or attacks. These backups should, in turn, be encrypted.

Follow safety protocols

These include protocols such as the STRIPE model and industrial cybersecurity standards and best practices such as IEC-62443, GMSA best practices for IoT Endpoints, OWASP IoT programme, or Industrial Internet Consortium IoT guidelines.

Good practices in the event of an infiltration

In the event of an attack at any level in an IoT environment, the first step is to decommission the device that has been attacked, either by stopping the applications on the device (which will stop working), shutting down the device, or erasing the software and firmware content of the device, so that it does not restart or have sensitive information inside it.

In any case, it will be essential to have a cybersecure software software that connects to devices for secure data capture and is capable of sending encrypted/encrypted data to the Internet.

In the deployment of the IoT environment, it will also be necessary to have a device management panel that runs on cybersecure software and can remotely update any device anywhere in the world.

Therefore, it is essential to havea reliable supplier, with experience and demonstrable track record in the cybersecurity industry, that knows the standards and that incorporates cybersecurity in its solutions from the beginning (the design of the software).

Thus, Barbara OS is developed with security by design and has functionalities for high criticality environments, among others:

• Safe start-up
• System bastioning or port shutdown
• Encryption of in-memory and in-transit data
• Device identification using unique cryptographic certificates
• Encryption of communications
• Verified firmware updates
• Patching SLAs for Security Vulnerabilities

Want to know more about IoT security and how to ensure it for all your processes? Looking for a secure operating system for Industrial IoT?

At Barbara IoT we help you to securely install and manage your IoT deployments, thanks to our system with the Barbara OS Cybersecure Operating System, which takes all measures to ensure the privacy and integrity of your systems. Contact us at and request a demo to see how we can help you.

‍