4 Unusual Industrial IoT Flaws and How to Avoid Them

The development of Industry 4.0 has transformed enterprises worldwide, and the Industrial Internet of Things, or IIoT, has been a lifeline for the industrial sector over the years.

In contrast to consumer-oriented IoT devices, IIoT systems rely on interoperability across Information Technology (IT) and Operation Technology (OT) environments. In short, control systems (such as SCADA, PLCs, and so on) used in industrial operations are linked to IT systems (computers, networking devices) to transfer and process data required for the smooth running of a factory/manufacturing facility.

That begs the question: How secure is IIoT with all its complexities?

In 2015, malware called Industroyer attacked Ukraine's power grid, causing a one-hour blackout in Kiev. This is only one of several recent significant attacks on Industrial Control Systems (ICS), demonstrating that IIoT is not free of security issues.

This article will walk you through four unusual but critical IIoT vulnerabilities that industrial firms must avoid at all costs. We also go over the best solutions for each problem that can be implemented.

1. Zero-day Vulnerabilities in the Network

Stuxnet, a computer worm that specifically targeted the Programmable Logic Controllers (PLCs) automating and operating the high-speed centrifuges used for uranium enrichment, crippled Iran's nuclear programme a decade ago.

The malware caused such damage that it physically destroyed 1000 to 2000 centrifuge units and infected over 200,000 PCs.

This malicious operation, delivered via a USB flash drive, was carried out by exploiting four zero-day vulnerabilities in the Microsoft Windows network to which the PLCs were linked.

These vulnerabilities allow attackers to quickly infiltrate systems and exfiltrate valuable data while causing substantial damage to hardware equipment.

Solutions

The notoriety of zero-day vulnerabilities arises from the fact that their presence in software systems is typically unknown to both the affected parties and the vendors for an extended period. Vulnerability scanning can be performed as a first step to detect flaws in the network.

Other helpful measures include strong password management, avoiding code execution on remote or removable devices (such as USB drives or CDs), deploying Intrusion Prevention Systems and web application firewalls, and installing Security Information and Event Management (SIEM) software.

The following can also be done:

Patch Management 

Regularly applying vendor-released software fixes and upgrades can reduce the likelihood of a zero-day attack resulting from newly found vulnerabilities.

Segmentation of the Network

By segmenting the network into discrete, well-defined zones and imposing independent security policies for each zone, an ICS environment can be monitored and protected from potential malware attacks.

2. Devices with Predictable RSA Keys

Many investigations have found that a large proportion of IoT devices use extremely predictable RSA keys, which can lead to severe Man-in-the-Middle (MitM) attacks. The restricted processing power of IoT devices exacerbates the situation, because less entropy is available for generating properly random numbers for the keys.

MitM attacks (in which a third party intercepts two parties' communication) are frequent in consumer-related IoT devices such as smart refrigerators and smart vehicles. However, such attacks in the industrial sector cannot be ruled out.

An attacker, for example, can corrupt a smart actuator and, as a result, influence an industrial robot to depart from its designated tasks, resulting in significant consequences.

Solutions

An RSA key is obtained by multiplying two huge prime numbers (which should be hard to predict). The practical difficulty of factoring the product (i.e., recovering these component primes) primarily determines the key's security.
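One practical check a defender can run on a device fleet follows from this: if two devices drew the same prime because their random number generators had too little entropy, the two public moduli share a factor, and a single GCD reveals it. The following audit is an added example, not code from the article; the device names, the tiny primes and the fleet are constructed for the demonstration.

```python
# Added example (not from the article): audit a fleet of RSA public moduli for
# shared prime factors, the tell-tale sign of keys generated from too little entropy.
from math import gcd
from itertools import combinations

# Constructed demo primes, far too small for real use (real RSA primes are 1024+ bits).
P_SHARED = 1000003
Q1, Q2, Q3 = 1000033, 1000037, 1000039

# Constructed fleet: devices A and B both drew P_SHARED at first boot because
# their RNG had almost no entropy yet; C and D used distinct primes.
FLEET = {
    "device-A": P_SHARED * Q1,
    "device-B": P_SHARED * Q2,
    "device-C": Q3 * 1000081,
    "device-D": 1000099 * 1000117,
}

def find_shared_factor_keys(moduli):
    """Return {device: shared_prime} for every modulus sharing a factor with another.

    Pairwise GCD is O(n^2) and fine for a small fleet; a large fleet would use a
    product tree, but the detection logic is the same.
    """
    weak = {}
    for (a, n_a), (b, n_b) in combinations(moduli.items(), 2):
        g = gcd(n_a, n_b)
        if 1 < g < n_a:  # non-trivial common factor: both keys are compromised
            weak[a] = g
            weak[b] = g
    return weak

def is_weak(device, moduli=FLEET):
    """True if the device's key must be revoked and regenerated on a seeded RNG."""
    return device in find_shared_factor_keys(moduli)

if __name__ == "__main__":
    for dev, p in sorted(find_shared_factor_keys(FLEET).items()):
        print(f"{dev}: modulus shares prime {p} with another device; revoke and re-key")
```

Any device the audit flags should be re-keyed only after its entropy source has been fixed, otherwise the replacement key may repeat the same prime.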

Entropy as a Service

This new service architecture uses quantum entropy sources to overcome the inherent lack of randomness in IoT/IIoT devices. In addition, the EaaS paradigm allows devices to produce critical cryptographic keys on their own, and the server has no access to these generated client keys, ensuring security.

Authentication on Both Sides

MitM attacks can be avoided by verifying that data from an authorised source is received by a smart actuator. This can be accomplished by establishing two-way authentication, in which both devices must validate their identities using cryptographic techniques.

3. SCADA MODBUS Protocol Flaws

MODBUS, PROFIBUS, and DNP3 are standard SCADA communication protocols used to send control messages between field devices (master and slave).

MODBUS is the most vulnerable to cyber-attacks. MODBUS messages, which lack encryption and security protections by design, can be abused by threat actors to intercept data and deliver illegal commands to PLCs.

The protocol lacks confidentiality, integrity, non-repudiation, and authentication mechanisms, allowing attackers to access the SCADA network, conduct reconnaissance, and cause denial-of-service (DoS) conditions.

Unsupported function codes, Illegal Address exception responses, and implementation flaws in the processing of specific messages are all common sources of vulnerabilities.

Solutions

Traditional IT security measures, such as firewalls and anti-virus software, are less effective at securing the MODBUS protocol. The optimal approach is to add the integrity, non-repudiation, and authentication features that are fundamentally lacking in the protocol's design and implementation.

SHA-2 Hash Functions

The integrity of a MODBUS packet can be protected with SHA-2 hash functions, a family of six cryptographic hash functions. The receiver (i.e., the slave) computes the digest of the packet it received and compares it with the digest that accompanied the message; any mismatch means the packet was altered in transit.
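The following added example (not code from the article) shows what that looks like on the wire for a Modbus TCP "write single register" request: the master appends a SHA-2 based tag, and the slave recomputes it before acting on the frame. It uses HMAC-SHA256, the keyed form of SHA-256, rather than a bare digest, because an unkeyed digest can simply be recomputed by whoever altered the frame and so gives no integrity against an active attacker; the shared key and the field values are constructed for the demonstration.

```python
# Added example (not from the article): keyed SHA-2 integrity tag on a Modbus TCP ADU.
import hmac
import hashlib
import struct

# Constructed demo key; in practice each master/slave pair gets its own key, provisioned out of band.
SHARED_KEY = b"demo-key-provisioned-out-of-band"
TAG_LEN = 32  # full HMAC-SHA256 output
MBAP_LEN = 7  # transaction id (2), protocol id (2), length (2), unit id (1)

def build_write_single_register(txn_id, unit_id, address, value):
    """Modbus TCP ADU: MBAP header followed by a function-code 0x06 PDU."""
    pdu = struct.pack(">BHH", 0x06, address, value)
    mbap = struct.pack(">HHHB", txn_id, 0, len(pdu) + 1, unit_id)  # length counts unit id + PDU
    return mbap + pdu

def protect(frame, key=SHARED_KEY):
    """Append HMAC-SHA256(key, frame). Bare SHA-256 would be recomputable by an attacker."""
    return frame + hmac.new(key, frame, hashlib.sha256).digest()

def verify(protected, key=SHARED_KEY):
    """Return the bare frame if the tag checks out, else None. Uses a constant-time compare."""
    if len(protected) < MBAP_LEN + 1 + TAG_LEN:
        return None
    frame, tag = protected[:-TAG_LEN], protected[-TAG_LEN:]
    expected = hmac.new(key, frame, hashlib.sha256).digest()
    return frame if hmac.compare_digest(tag, expected) else None

def parse_write_single_register(frame):
    """Decode (unit_id, address, value) from a verified FC 0x06 ADU; reject malformed frames."""
    _txn, proto, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    fc, address, value = struct.unpack(">BHH", frame[MBAP_LEN:MBAP_LEN + 5])
    if proto != 0 or fc != 0x06 or length != 6 or len(frame) != MBAP_LEN + 5:
        raise ValueError("not a well-formed write-single-register ADU")
    return unit, address, value

def tamper_value(protected, new_value):
    """Simulate an in-transit change of the register value (bytes 10..11) without touching the tag."""
    return protected[:10] + struct.pack(">H", new_value) + protected[12:]

if __name__ == "__main__":
    good = protect(build_write_single_register(1, 17, 0x0010, 1500))
    print("valid frame decodes to:", parse_write_single_register(verify(good)))
    print("tampered frame accepted?", verify(tamper_value(good, 9000)) is not None)
```

The tag adds 32 bytes per frame and a shared key per link; without the key distribution step described under "Authentication on Both Sides" the slave still has no way to know who sent a correctly tagged frame.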

4. Malicious Code in Task Automation Programs

Many legacy programming languages used in industrial automation feature serious security vulnerabilities that attackers can utilise to develop sophisticated, undetectable malware in IIoT systems.

Unsecure programming in automation scripts (the basis of a machine's logic) allows threat actors to disrupt industrial robot operations, modify product quality, and even shut down an entire assembly line.

The remotely controlled malware can also replicate itself and target other vulnerable robots. This form of harmful code is difficult for developers to detect: thanks to certain advanced features of these programming languages, it can remain buried inside ordinary automation routines.

In 2017, malware called Triton infiltrated a Saudi petrochemical plant. It was designed to attack Schneider Electric's Triconex systems, which use the TriStation application software. This attack demonstrates that malware aimed at automation software could soon become a reality.

Solutions

While it is challenging to solve the inherent design problems in industrial programming languages, several mitigation measures for preventing the detrimental impacts of malicious code can be implemented.

Standard methods such as vulnerability detection, patching, and cryptographic signing of code, as stated previously, apply here as well. Conducting source code reviews regularly will also assist.

Validation of Input Data

Data from other networks and systems must be validated by automation algorithms. This ensures that the data only contains the expected values and format required to correctly complete the machine's operations.

Handling Errors

Unhandled errors can disclose internal automation logic weaknesses to hackers. As a result, it is critical to perform adequate error handling to conceal vital information in a production setting.

Output Sanitization

Output must be sanitized correctly to avoid data leakage via logging facilities, serial ports, consoles, and so on. This also aids in the investigation of code injection issues.

Conclusion

IoT systems are well-known for their speed, dependability, and efficiency, which have been proven in various industrial sectors such as automotive, manufacturing, and food production, to name a few. However, the weaknesses inherent in this Industry 4.0 technology can wreak havoc on a huge scale, potentially bringing down a thriving corporation.

On the other hand, businesses may fully harness the power of IIoT and reach the pinnacle of success by taking a cautious approach to assuring security. And, given their expertise in this field, the top IoT developers are on hand to assist.