- IoT technology is enriching our critical infrastructure, including water management, energy distribution, and transportation.
- This technology makes our lives easier but can also leave us vulnerable to cyberattacks.
- Cisco has developed tools to help assess and manage IoT risk.
There was a time when a traffic light was just a traffic light. Today it’s a smart device connected to a citywide network that knows how bad road congestion is three blocks ahead and makes decisions accordingly.
It now may also be a vector for cyberattacks.
It’s one example of a massive upgrade to our critical infrastructure that promises to make life more efficient but also comes with its share of risks.
Across the US, organizations are upgrading critical infrastructure that keeps society safe and functional. Thanks to the Internet of Things, or IoT, static and disconnected devices are becoming dynamic and connected.
Our cities are inflection points for this modernization. They’re coping with growing population pressure by transforming critical systems including water management, energy distribution, and transportation.
The result? Street lights can now sense people moving underneath them and dim themselves when there’s no one around, saving energy. Smart energy meters balance electricity loads and encourage more efficient resource usage. And sensors monitor traffic flow, adjusting signals accordingly to reduce delays at intersections.
These measures can have significant social and environmental effects. In Caldas da Rainha, Portugal, officials detected a 200,000-liter water leak using sensors connected by a Cisco-powered wireless IoT network, and have reduced water management costs by a third.
But IoT networks come with significant risks. Connecting critical infrastructure to networks makes it vulnerable to cyberattacks.
Critical infrastructure at risk
The operational technology, or OT, systems underpinning critical infrastructure operate at a different cadence than traditional IT systems. Whereas many IT systems see security patches every month, OT devices might not be patched for years.
“As many of these systems are critical to our way of life, they can’t just take them offline to install a patch or reboot after an update,” Vikas Butaney, VP and GM of the IoT business group at Cisco, says. “They take many hours to safely shut down and sometimes days to bring back up online.”
Researchers have gamed out potential attacks with frightening results. In 2018, University of Michigan researchers demonstrated how they could attack connected traffic-management systems to bring downtown traffic to a standstill.
Other attacks have already happened. A 2019 ransomware attack on Norsk Hydro initially targeted its administrative IT systems but put the company into such disarray that it had to halt aluminum production, closing plants around the world.
Attacks against infrastructure show no signs of slowing. The World Economic Forum’s 2020 Global Risk Report showed that 76.1% of people expected cyberattacks on infrastructure to increase.
How cybersecurity companies can help
Security companies with proven expertise in OT are helping critical infrastructure providers tackle the risks. Cisco has expertise in both OT and conventional IT systems. That’s important because attackers will often use IT systems as a vector to attack OT networks.
“We have developed a framework and software-based network security solution that starts with visibility and asset identification,” Butaney said. “Policies can be applied, segmentation can be easily created and enforced, and ultimately continuous monitoring of the OT network can be a reality.”
Cisco helps critical infrastructure providers map their complex control networks using the Cisco Cyber Vision tool, which focuses on protecting a critical infrastructure provider’s infrastructure without changing it.
Instead of adding more appliances to a sensitive OT network, this tool catalogs its connected assets, maps its communication patterns, and discovers misconfigurations and threats.
This data flows through integrations into Cisco’s portfolio of security solutions. For example, Cisco Identity Services Engine, or ISE, is a security policy management platform that enforces access policies for network resources to ensure that only the right people and devices get to connect with critical infrastructure resources.
Another tool in Cisco’s portfolio, the Cisco ISA 3000 rugged firewall, helps protect OT networks from external threats. Specifically built for OT environments, it segments control networks and watches industrial communications protocols for signs of malicious activity.
Attackers need to get lucky only once as they try to break down America’s critical systems. Defenders must be successful every time.
The race is now on to protect critical infrastructure from attack, and the design choices that we make now will have profound effects in the future.
This post was created by Insider Studios with Cisco.