Who has control of your control systems?
Cybercriminals are constantly probing consumer IoT devices such as home routers, IP cameras and printers to find access points into the network. Once they have access, they can disrupt network functions, gather critical information and deliver malicious payloads. At the other end of the spectrum, cybercriminals also probe critical infrastructures to target high-end industrial control systems (ICS) and SCADA technologies for the same purposes.
There is also a middle ground that criminals are focusing on: a growing line of control systems for residential and small business use. These smart systems have garnered comparatively less attention than their industrial counterparts, but that seems to be changing.
Targeting control devices
Data revealed a small but significant shift in attention toward this middle ground of control systems, according to Fortinet’s Q2 2019 Threat Landscape Report.
A signature related to building management solutions was found to be triggered in 1% of organizations, which may not seem like much, but it is higher than typically seen for ICS or SCADA products.
Securing control systems
Imagine the harm a resourceful criminal could do with access to any number of these types of devices, including environmental controls, security cameras and safety systems. This is why the security of smart residential and small business systems deserves elevated attention.
Cybercriminals are watching closely for opportunities to commandeer control devices in homes and businesses. Unfortunately, cybersecurity in these venues, especially for devices long considered to be isolated from traditional attacks, is not always straightforward and sometimes falls outside the scope of conventional IT systems.
However, securing these control systems is clearly necessary. The nature of IoT, including its endless number of endpoints and ever-growing volume of data and application traffic, makes the task daunting. Fortunately, segmentation and network access control (NAC) solutions are a reliable foundational strategy to build on to protect company resources. When these solutions are in place, visitors and unauthorized devices seeking network access are connected to a guest network by default, critical resources (such as financial data) are isolated from the rest of the network, and all sensitive communications are automatically encrypted.
What’s so beneficial about segmentation is that when countermeasures fail in one part of the network, segmentation protects other areas from being compromised. Network and device segmentation should address:
- Access management: NAC combined with intent-based segmentation enables businesses to identify devices and impose strict access controls based on user, role, device type or even applications, a critical risk management solution for today. When devices initiate a new network connection, or when traffic or applications attempt to cross network segments, access control combined with inspection helps establish secure perimeters around critical resources by identifying and preventing the spread of malware.
- Risk assessment: Businesses can use data, devices, users, locations and threat intelligence feeds — along with a host of other criteria — to identify threat categories and assess risk in real time.
- Policy and device management: Seeing all devices and their related activity, including IoT devices, allows IT teams to appropriately set policies to manage risk across the network.
- Control: By treating those parts of the network that interact with IoT devices differently, companies can better control risks from a policy standpoint.
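The segmentation model described above, sketched as an added example (not code from the article or from any vendor product): devices are placed in a segment by device type and role, unknown devices fall to a guest segment, and traffic between segments is denied unless explicitly allowed. The segment names, MAC addresses, ports and rules are all constructed assumptions.

```python
from dataclasses import dataclass

GUEST = "guest"  # default segment for unknown or unclassified devices

@dataclass(frozen=True)
class Device:
    device_type: str
    role: str

# Constructed inventory keyed by MAC address (all values are illustrative).
INVENTORY = {
    "02:00:00:00:00:01": Device("hvac-controller", "facilities"),
    "02:00:00:00:00:02": Device("ip-camera", "facilities"),
    "02:00:00:00:00:03": Device("workstation", "finance"),
    "02:00:00:00:00:04": Device("workstation", "staff"),
    "02:00:00:00:00:05": Device("file-server", "finance"),
}

# Segment chosen from (device type, role); anything unmatched falls to GUEST.
SEGMENT_RULES = {
    ("hvac-controller", "facilities"): "building-controls",
    ("ip-camera", "facilities"): "building-controls",
    ("workstation", "finance"): "finance",
    ("file-server", "finance"): "finance",
    ("workstation", "staff"): "corporate",
}

# Default deny: only these (source segment, destination segment, port) may pass.
ALLOWED_FLOWS = {
    ("corporate", "building-controls", 443),  # staff manage controllers over HTTPS
    ("finance", "finance", 445),              # finance hosts reach their file server
}

def assign_segment(mac):
    """Map a MAC address to its segment; unknown devices land in GUEST."""
    device = INVENTORY.get(mac.lower())
    if device is None:
        return GUEST
    return SEGMENT_RULES.get((device.device_type, device.role), GUEST)

def evaluate_flow(src_mac, dst_mac, port):
    """Return (verdict, source segment, destination segment) for one flow."""
    src, dst = assign_segment(src_mac), assign_segment(dst_mac)
    verdict = "allow" if (src, dst, port) in ALLOWED_FLOWS else "deny"
    return verdict, src, dst

def denied_flows(flows):
    """Return the flows a segmentation gateway would block, with their segments."""
    return [(f, evaluate_flow(*f)) for f in flows if evaluate_flow(*f)[0] == "deny"]
```

Running `denied_flows` over flow records from a flat network shows which existing paths, such as a camera reaching the finance file server, would be cut once segments are enforced.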
Forewarned is forearmed
A veritable Pandora’s Box of threat vectors has been opened in most networks and cannot be closed. Instead, these vectors must be constantly monitored to help businesses understand the cyber risks they face.
One of the latest vectors is attacks on IoT-powered control systems within businesses. Access to one device in the system may grant access to any other device in that system, with the potential for significant business disruption. By segmenting their networks, organizations will limit exposure should an intruder get in and keep their critical assets secure.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.