IoT Devices Are Essential For Securing Critical Infrastructure: How Do We Secure Them Against Emerging Threats? (Guest blog by Genetec)
In April 2022, cybersecurity authorities in the United States, Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory to warn organisations that the conflict between Russia and Ukraine could expose organisations within and beyond the region to increased malicious cyber activity.
The statement rightly raised the alarm for critical national infrastructure operators across the globe. Firstly, the impact of a cyber breach of the network that controls whether a country can keep the lights on or drink clean water would be devastating. It has the potential to destabilise economies, discredit government national security policies, and open the door to civil unrest.
Secondly, most cyber-attacks are not intended to compromise the physical safety of people or property. Instead, these attacks target applications, files and data managed by IT. An attack that originates in a physical security device can find its way through the network to block access to critical applications, lock and hold files for ransom, and steal personal data.
Herein lies the factor that exacerbates the problem: critical infrastructure, with its huge number of physical security devices, has created a massive attack surface for itself. Vital security operations, including 24-hour monitoring of isolated facilities and remotely controlled access for maintenance tasks, are enabled through hundreds or even thousands of cameras and access control points, as well as a range of other alarm and communications solutions.
It may seem ironic that a physical security solution designed to protect people and property can provide an entry point for cybercriminals. But because these systems are increasingly connected to a range of IoT devices, networks, and IT infrastructure, they can be vulnerable to attack. In the midst of geopolitical conflict, such devices are essential for securing physical assets from harm or sabotage, but the cybersecurity threat that has emerged must be given equal consideration.
Hackers seeking entry points into the system will be looking for networks with an outdated design that does not match the security demands of internet, Wi-Fi or cellular connections. Devices that are ageing or poorly maintained may have outdated firmware that provides inadequate protection against cyber threats. It is imperative for security teams working in critical infrastructure to complete regular posture assessments, so that they hold an accurate inventory of the health of devices and can identify the threats those devices may pose.
A convergence of physical and cybersecurity often requires a combined response from security and IT teams. Working together, the two teams can build a comprehensive security programme based on a common understanding of risk, strategies, and practices. Responsibilities can be shared for device health checks and software updates, so that all resources are pulling toward the same goal.
It also gives each team a clearer idea of where budgets can be pooled to replace hardware or software, or to deploy a security solution that works for everyone. One effective approach is to unify physical and cybersecurity devices and software on a single, open architecture platform with centralised management tools and views.
The IoT security threat has emerged from the current climate of geopolitical uncertainty. Teams responsible for protecting critical infrastructure must be extra vigilant against malicious cyber activity targeting their networks. Steps must be taken urgently to deploy solutions that bridge the gap between physical security and cyber threats in ways that protect critical infrastructure from becoming a casualty of conflict.