The industrial internet of things (IIoT) technology offers benefits in production-line tracking and remote worksite management, but the difficulty in developing IIoT security standards could wreak havoc, the likes of which we have never seen.
Major attacks on critical infrastructure have already occurred in Ukraine and Germany. In 2010, information about the now infamous Stuxnet virus came to light, detailing how it had been designed to ruin hundreds of centrifuges used in Iran’s uranium enrichment program. It was the first time a digital weapon was intentionally used by a nation-state to physically damage an adversary’s industrial control system.
The US Department of Homeland Security has identified 16 sectors that it considers to be vital components of critical infrastructure, including ‘commercial facilities’—shopping and convention centers, office and apartment buildings, and other sites where large numbers of people gather—emergency and financial services, and information technology. In May 2017, President Donald Trump issued an executive order to further strengthen the cyber security of the nation’s critical infrastructure.
Disrupting utilities that power an entire city could cause more damage than traditional terror tactics such as bombings, and can be performed externally with more anonymity. Severe storms and weather catastrophes give us an idea of the damage a loss of power can cause. When Hurricane Irma damaged a transformer causing air conditioning to fail, 12 residents at a Florida nursing home died of suspected heat-related causes.
The risks associated with industrial control systems don’t only affect human safety; they threaten the environment as well. In Australia’s first case of industrial hacking in 2000, Vitek Boden compromised the Maroochy Shire Council water system, sending a million liters of sewage into parks and waterways.
Our heavy reliance on connected devices means that exploitation of internet-dependent platforms can cause not only physical disruption, but also financial chaos. The Economic Financial Forum damage caused by an attack against a cloud-computing firm could equal or surpass that caused by Hurricane Katrina. That fact further supports the notion of switching the focus from physical infrastructure to critical services.
In the automation sector, the best way to safeguard against a cyber attack is to ensure communication between service provider and client is secure. getPlus from NOS Microsystems works in this regard by bypassing all firewalls and proxies to deliver the latest software updates and ensure systems remain protected.
The eDelivery ecosystem has been developed by experts in cyber security.