A technology-led revolution, dubbed Industry 4.0, is gathering pace in the industrial world where traditional processes and legacy technologies are being replaced by smart devices, automated machines and advanced forms of computing.
The rise of Cyber Physical Systems (CPS), owing to exponential growth in technologies like the Internet of Things (IoT), artificial intelligence (AI), cloud, robots, drones, sensors, etc., is helping manufacturers improve efficiencies, productivity and the autonomous operation of production lines.
As smart factories and supply chains connect the production line to the outside world via IIoT, digitally connected industries are becoming increasingly appealing to cybercriminals, who now have the opportunity to hijack high-value targets. Last year, 41% of all ransomware attacks targeted OT. IoT attacks soared by 700% (registration required) during the pandemic, while infected IoT devices grew 100%.
There are several reasons why IoT and OT devices are attractive targets for cybercriminals. Here are the top five:
1. OT lacks adequate security: OT and IoT devices lack stringent security (security is often an after-thought), making them an attractive target for ransomware attacks. More than half of manufacturers believe OT assets are vulnerable to cyberattacks.
2. Absent updates and software patches: Researchers estimate there are millions of unpatched IoT and OT devices. Legacy devices also lack the ability to update their firmware, and this puts IoT devices at permanent risk of exploitation. Security teams often struggle to secure IoT and IIoT devices.
3. Growing skill and resource gap: There is a huge shortage of people with skills and knowledge of OT security. Security teams can be overwhelmed with security data, and the workload often exceeds staff capacity.
4. Potential to inflict extensive damage: The ransomware attack on the Colonial Pipeline showed how disruptive a cyberattack can be. Attacks on OT infrastructure can halt production, disrupt supply chains, cause widespread panic and uncertainty. According to Gartner, cyberattacks can result in loss of life.
5. Rising payouts and high bargaining power of attackers: Enterprises lose money for every minute their business is disrupted. Paying the ransom can seem like a prudent choice. Since targets hold significant value, cybercriminals make aggressive demands and successfully coerce victims into paying.
AI can help bolster industrial cybersecurity.
Cybersecurity in Industry 4.0 can’t be tackled in the same way as that of traditional computing environments. The number of devices and associated challenges are far too many. Imagine monitoring security alerts for millions of connected devices globally. IIoT devices possess limited computing power and, therefore, lack the ability to run security solutions.
This is where AI and machine learning come into play. ML can make up for the lack of security teams. AI can help discover devices and hidden patterns while processing large amounts of data. ML can help monitor incoming and outgoing traffic for any deviations in behavior in the IoT ecosystem. If a threat or anomaly is detected, alarms can be sent to security admins warning them about the suspicious traffic.
To sum up, organizations must carefully consider the security implications to have a successful Industry 4.0 journey. As connected devices take over legacy technology, it becomes increasingly difficult to fight cyber threats without the intervention of advanced AI. We need machines that protect themselves, without worrying too much about their ability to spy on your business or cause harm by partnering in crimes that can be committed against supply chains or customers.
The Malaysian Autonomous Intelligence & Robotics Association (MyAIRA) will be co-organizing a webinar on Cybersecurity together with the Malaysian South-South Association (MASSA) and the Expertise Resource Association (ERA) in association with the Malaysia-Japan Economic Association (MAJECA).
Mr James Morrison, the Senior Vice President at Shyield LLC who spent 22 years with the FBI as a Senior Computer Scientist, specializing in cybersecurity will be speaking about the “Edge” as the new frontier in security and cybercrime, IoT Security as the new paradigm, how to defend our devices and how can these devices be used against us by a cybercriminal.
Read the original article HERE