Securing the Industry of Things
Can you imagine the chaos if your connected freezer unexpectedly turned off, or your IoT controlled heating malfunctioned making it sweltering hot? Disaster for one person, let alone a business where thousands of connected devices form the foundation of its core revenue stream.
With Gartner predicting that the number of IoT devices expected to exceed 20.4 billion by 2020, it has never been more important to have the security protocols in place to protect against increasingly prevalent cyberthreats that can take them down.
The various IoT sensors built into the manufacturing chain – including temperature controls, sensors to track output, or remote-control devices – provide the industry with a tremendous amount of critical data. However, with the explosive growth of IoT we have also seen a rise in cyber-attacks against these devices to increasingly detrimental impact.
Increasingly, IoT devices – and by extension manufacturers – are becoming targets for hackers. From the Dyn Domain Name System breach in 2016 that took down the likes of Amazon, Facebook, Twitter, and Spotify, to the German Federal Network Agency advising parents in 2017 to destroy the Cayla doll because of its vulnerability to cybercriminals, attacks on IoT devices and the discovery of new threats associated with them are only going to increase in frequency.
It is therefore no longer acceptable for businesses to bury their heads in the sand. They need to protect their devices, protect their customers and, fundamentally, put measures in place to protect their brand before it’s too late.
An attractive target for hackers
The growth of IoT has been mirrored by the rising sophistication of cyber threats across all industries. Owing to their highly connected nature, attacks on IoT devices could disrupt infrastructure, steal credentials, inject malware into systems, or bring down unprotected networks.
The sheer volume of devices connected to the web makes it easy for attackers to identify and exploit access points within an IoT network. Hacks on networks in smart factories could disrupt or interrupt production processes: for example, manipulating the cold chain by increasing the storage temperature in order to halt production and cause potentially unrecoverable financial damage.
Struggling to secure
The protection of data is paramount for any business. Despite this, businesses are struggling to keep on top of vulnerabilities, with Forrester revealing that over half of tech security leaders do not have sufficient tools in place to enforce IoT security policies. Battling with the specifics of each individual device, it is incredibly difficult to create one-size-fits-all security scanning tools.
For large institutions and industrial environments, many of whom are striving to prioritise PC and server patching, finding and cataloguing IoT devices and applying updates quickly is a near impossible task leaving businesses vulnerable.
Building trust in IoT
Fuelled by high profile breaches and the weight of protecting huge data packets, trust in IoT is dwindling for both businesses and consumers, with 96% of businesses and 90% of consumers believing that there should be IoT security regulations. In response, the government earlier this year announced new measures to boost cybersecurity in millions of internet-connected devices.
The new rulings stipulate that smart IoT devices will be expected to build-in security measures that last the lifetime of the product. Developed in conjunction with the National Cyber Security Centre, manufacturers and retailers, the Secure by Design review specifies that security must be embedded in the design process rather than a bolt-on or an afterthought.
Coupled with GDPR, this regulation recognises and demands that cybersecurity takes centre stage as businesses and consumers understand the critical impact that a breach can have. But, the question remains, is this enough?
As manufacturers struggle with the complexities of securing the IoT from outside threats, they are forgetting that human behaviour is still the biggest threat to a company’s security, with 55% of all cyber-attacks found to be carried out by ‘malicious’ or ‘accidental’ insiders.
Businesses can spend substantial sums on the latest cybersecurity technology designed to identify and mitigate threats when they emerge, but they will always be at significant risk if they do not find ways to independently account for the unpredictability of human behaviour.
As such, it is vital that manufacturers understand where their data is, who is accessing it, and can identify changes in behaviour in order to mitigate the risk accordingly. By understanding the human point, manufacturers can adapt their security postures to fight against increasingly prevalent threats, creating an environment with security at its core and ensuring that trust in IoT is built-in.
Securing the industrial internet of things
There is no denying that IoT has an important role in the future of the manufacturing sector. We are already seeing businesses reap the benefits with advances in distribution, the streamlining of processes and the enhancing of customer experience.
However, if this growth is going to continue, it is important that manufacturers get their security solutions in order.
By understanding the value of the data that is flowing through the network, manufacturers can protect their fragmented systems and ensure that they can identify and mitigate risk, regardless of where it sits on the network. In doing so, the Industrial Internet of Things will continue to thrive and create a new frontier for innovation, safe in the knowledge that their data, employees and brand are safe.
By Luke Somerville, Head of Special Investigations at Forcepoint.
Siemens: Providing the First Industrial 5G Router
Across a number of industry sectors, there’s a growing need for both local wireless connectivity and remote access to machines and plants. In both of these cases, communication is, more often than not, over a long distance. Public wireless data networks can be used to enable this connectivity, both nationally and internationally, which makes the new 5G network mainframe an absolutely vital element of remote access and remote servicing solutions as we move into the interconnected age.
Siemens Enables 5G IIoT
The eagerly awaited Scalance MUM856-1, Siemens’ very first industrial 5G router, is officially available to organisations. The device has the ability to connect all local industrial applications to the public 5G, 4G (LTE), and 3G (UMTS) mobile wireless networks ─ allowing companies to embrace the long-awaited Industrial Internet of Things (IIoT).
The router can be used to remotely monitor and service plants, machines, as well as control elements and other industrial devices via a public 5G network ─ flexibly and with high data rates. Something that has been in incredibly high demand after being teased by the leading network providers for years.
Scalance MUM856-1 at a Glance
- Scalance MUM856-1 connects local industrial applications to public 5G, 4G, and 3G mobile wireless networks
- The router supports future-oriented applications such as remote access via public 5G networks or the connection of mobile devices such as automated guided vehicles in industry
- A robust version in IP65 housing for use outside the control cabinet
- Prototypes of Siemens 5G infrastructure for private networks already in use at several sites
“To ensure the powerful connection of Ethernet-based subnetworks and automation devices, the Scalance MUM856-1 supports Release 15 of the 5G standard. The device offers high bandwidths of up to 1000 Mbps for the downlink and up to 500 Mbps for the uplink – providing high data rates for data-intensive applications such as the remote implementation of firmware updates. Thanks to IPv6 support, the devices can also be implemented in modern communication networks.
Various security functions are included to monitor data traffic and protect against unauthorised access: for example, an integrated firewall and authentication of communication devices and encryption of data transmission via VPN. If there is no available 5G network, the device switches automatically to 4G or 3G networks. The first release version of the router has an EU radio license; other versions with different licenses are in preparation. With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and autoconfiguration of the devices,” Siemens said.
Preparing for a 5G-oriented Future
Siemens has announced that the new router can also be integrated into private 5G networks. This means that the Scalance MUM856-1 is, essentially, future-proofed when it comes to 5G adaptability; it supports future-oriented applications, including ‘mobile robots in manufacturing, autonomous vehicles in logistics or augmented reality applications for service technicians.’
And, for use on sites where conditions are a little harsher, Siemens has given the router robust IP65 housing ─ it’s “dust tight”, waterproof, and immersion-proofed.
The first release version of the router has an EU radio license; other versions with different licenses are in preparation. “With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and auto-configuration of the devices,” Siemens added.