The onset of the coronavirus pandemic has led to an increase in technology usage, which gives attackers an opportunity to more easily exploit critical infrastructure and the IoT environment that powers it.
As such, both technologies are now being described as a “soft target” for cybercriminals, for two main reasons. The first is that updates and patches to the Internet of Things environment are said to be, on the whole, unsophisticated. The second, and the more important, is that hackers have realised that there are significant payouts involved in breaching IoT and critical infrastructure security. Let’s analyse this in more detail.
Breaches to critical infrastructure and IoT mean greater financial rewards
IoT technology and critical infrastructure are high-value targets for attackers. An example of this is the Oldsmar water plant attack, which took place in Florida in February this year. Hackers attempted to change the pH level of the city’s water so that it was more acidic, putting the public and wildlife at serious risk. To do this, they increased the levels of sodium hydroxide by 100 times.
Another example is the Colonial Pipeline attack of May 2021, in which cybercriminals used a password from the dark web to gain access to a virtual private network (VPN) and shut down Colonial, the largest fuel pipeline in the U.S. As a result, the hackers were paid US$4.4mn in ransom.
However, the payout was seized a month later by the U.S. Department of Justice with support from a ransomware task force it had set up after reporting that 2020 was one of the “worst years” for cyberattacks.
Speaking in a podcast about critical infrastructure attacks, Curtis Simpson, CISO at Armis, said: “The Operational Technology (OT) and Incident Command System (ICS) space is, honestly, the largest single attack vector with the greatest potential for impact. OT and ICS are powering some of the most critical infrastructures in the world; it’s critical operations.”
How can IoT technology and critical infrastructure be protected from cyberattacks?
With IoT attacks on the increase, it’s important to know a few ways to protect your critical infrastructure.
- Know where your connected devices are in your environment: This is important because it gives you visibility, so that you can work out an effective plan in case the worst does happen.
- Regularly change your device passwords from default ones: To ensure that your environment is as safe and well-protected as possible, it is a good idea to change all of your devices’ default passwords to something that is personal to you. As a result, it will become much more difficult for those devices to be hacked.
- Separate your IoT networks: IoT devices should operate on their own separate networks to prevent attackers from also gaining access to larger IT networks. Restricting these networks to communicate only with relevant, known IP addresses also reduces the risk of attack.
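
One way to verify the segmentation point above, as an added example that is not part of the original article: the Python script below audits flow records that originate in an IoT segment and flags any destination outside an allow-list of known addresses. The subnets, allowed addresses and flow records are constructed for illustration.

```python
import ipaddress

# Constructed values for illustration (private and documentation ranges).
IOT_NET = ipaddress.ip_network("10.20.0.0/24")   # dedicated IoT segment
IT_NET = ipaddress.ip_network("10.10.0.0/16")    # larger IT network
ALLOWED_DESTS = {                                # known, relevant peers
    ipaddress.ip_address("10.20.0.1"),           # segment gateway / DNS
    ipaddress.ip_address("192.0.2.10"),          # vendor update server
}

# Constructed flow records: (source IP, destination IP, destination port)
SAMPLE_FLOWS = [
    ("10.20.0.15", "192.0.2.10", 443),    # allowed: update server
    ("10.20.0.15", "10.10.4.7", 445),     # IoT device reaching the IT network
    ("10.20.0.22", "203.0.113.50", 23),   # IoT device reaching an unknown host
    ("10.10.4.7", "10.10.4.8", 22),       # not IoT-originated, out of scope
    ("10.20.0.22", "10.20.0.1", 53),      # allowed: gateway
]

def audit_flows(flows):
    """Return (src, dst, port, reason) for each IoT flow that breaks the allow-list."""
    findings = []
    for src, dst, port in flows:
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:
            # Records that cannot be parsed are surfaced, not silently dropped.
            findings.append((src, dst, port, "malformed-record"))
            continue
        if src_ip not in IOT_NET:
            continue  # only traffic leaving IoT devices is audited here
        if dst_ip in ALLOWED_DESTS:
            continue  # destination is on the allow-list
        if dst_ip in IT_NET:
            reason = "crosses-into-it-network"
        else:
            reason = "unknown-destination"
        findings.append((src, dst, port, reason))
    return findings

if __name__ == "__main__":
    for src, dst, port, reason in audit_flows(SAMPLE_FLOWS):
        print(f"{reason}: {src} -> {dst}:{port}")
```

Any finding means the segment's firewall rules are looser than the allow-list, or that a device is behaving unexpectedly.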