IoT security: How these unusual attacks could undermine industrial systems

Researchers uncover potential new attack vectors for hackers to gain access to Industrial IoT environments - and warn against the perils of blind spots in security of important infrastructure.

Hackers could target smart manufacturing and other industrial environments with new and unconventional cyberattacks designed to exploit vulnerabilities in ecosystems that are supporting the Industrial Internet of Things (IIoT), according to academics and security company researchers.

Researchers at cybersecurity company Trend Micro and experts at the Polytechnic University of Milan examined how hackers can exploit security flaws in IIoT equipment to break into networks as a gateway for deploying malware, conducting espionage or even conducting sabotage.

While these networks are supposed to be isolated, often there can be links with the general office systems across an organisation, especially if there isn't segmentation on the network.

Putting smart manufacturing systems on their own dedicated network is common practice, as is treating them 'like black boxes', said the report, in the sense that it is assumed that nobody will ever be able to compromise them. However, increasingly vendors are pushing for wireless networks on the factory floor, with things such as industrial robots directly connected to them.

Performing tests against real industrial equipment in the safety of the University of Milan's Industry 4.0 lab, researchers uncovered a number of ways attackers could exploit vulnerabilities to gain access to smart manufacturing environments.

One example of this came when it was discovered there were vulnerabilities in a particular application that is used to help design and build robots and other autonomous systems, enabling attackers with access to the development network to install unverified add-ins.

These could be used to monitor the entire development process, providing the attackers with the means to gain access to and control the network that a smart device is run on, to jump from the device to other systems, and potentially to conduct espionage.

Fortunately, researchers have already been in touch with the application providers behind the software vulnerabilities that were found – and this particular loophole has been closed.

But that wasn't the only method researchers found. They could also gain access to smart networks by modifying an IIoT device to such an extent that it can be exploited to control or modify how an operational environment works. Attackers would likely gain access to it via a vulnerability in the software supply chain of the device, perhaps in the method described above.

This is particularly concerning when it comes to sensors and monitoring systems, which depending on the circumstances can do everything from providing alerts on when maintenance is needed, to actively controlling anything from the temperature of an environment to physical systems.

But with access to such systems, an attacker could alter readings on the network, so as to not give away that any suspicious activity is happening, even if they are making adjustments to functionality.

Alternatively, attackers could be much less subtle, either by using a network of trojanized devices to take down a network in a DDoS attack, or by controlling devices that set off alarms or do other highly noticeable activities. Other potential ways onto these networks include compromised workstations or the app stores that are now being developed to offer add-ons for industrial systems.

All of these scenarios serve as an active reminder that if not properly managed, cyber-physical systems can be compromised and exploited in a variety of ways.

"Attackers are not sitting back and hoping for a high-profile, vulnerable smart-manufacturing system to pop up on search engines like Shodan, ready for them to attack. We believe that unconventional attack vectors such as the ones we explore are more likely for an advanced attacker profile. This possibility is increased by the fact that smart-manufacturing systems, while made of hardware, live in an ecosystem with an intricate net of interdependencies," the report said.  

"Past manufacturing cyberattacks have used traditional malware that can be stopped by regular network and endpoint protection. However, advanced attackers are likely to develop operational technology specific attacks designed to fly under the radar," said Bill Malik, vice president of infrastructure strategies for Trend Micro.

However, there are ways to help protect smart industrial systems from being compromised. Where possible, IIoT systems should be completely segmented from the rest of the network, although this can't always be the case.

Therefore, organisations should run regular integrity checks on devices on the network in an effort to spot any altered software – and then replace it if that's the case.

Large organisations could also play a role in monitoring the security of their supply chain in order to ensure that vulnerabilities don't enter the ecosystem before they've reached their own environment.
