The Threat of IIoT Cyber Attacks

December 17, 2018

By: Will Mapp

In the case of many industrial settings, the IIoT is considered the answer for numerous challenges. The connectivity that’s the result of it assists in efficiency, productivity, and profitability. When it comes to utilities, IIoT helps manage the demand, and for public infrastructure, it can help governments in delivering better services, which include public safety as well.

However, according to SonicWall’s 2018 Cyber Threat Report, the IIoT is increasingly becoming the target of cyber attacks, which is a big problem as the IIoT is often unsecured and ignored.

Only in 2017, worldwide, there were around 9.3 billion malware attacks, and more than 12,000 new vulnerabilities and exposures. The report states that most executives see cyber attacks as the number one operations, financial, and business risk. They are such a big problem that some consider them a more significant threat than natural disasters. Several other reports also state a similar thing.

In recent years, many conditions and trends have made it so that cybersecurity events that target the OT side of IIoT increase dramatically.  

Industrial Control System (ICS) cyber-attacks increase from 2007 to 2017

These attacks have been happening since the late 1990s. However, they had only become mainstream in 2010. That was when the Stuxnet malware targeting SCADA system in Iranian uranium enrichment plant was discovered.

Stuxnet changed everything. Afterward, interest in the security for control systems significantly increased, because, at the time, security features were not part of the standard industrial control system equipment.

Furthermore, several new threats were exposed, and several attacks occurred over the years:

  • In 2013, Havex/Backdoor.Oldrea remote access Trojan that targets ICSs discovered.
  • In 2014, a SCADA-targeting version of BlackEnergy discovered. Its use is against ICS.
  • In 2014, hackers took control of ICS in a German steel mill and caused massive physical damage.
  • In 2016, Russian hackers cause blackouts in Ukraine by hacking the energy grid with the Industroyer/CrashOverride malware.
  • In 2017, the WannaCry worldwide ransomware attacks targeted vulnerabilities in Windows-operating computers. NotPetya attacks followed those. Because of these two major ransomware attacks, the DHS issued more warnings to manufacturers and infrastructure owners about ICS vulnerabilities. In the end, the DHS and FBI issued a joint alert which stated that several attacks began targeting the ICS of the US.
  • In December 2017, the first malware designed to attack ICS revealed – the TRITON/TRISIS malware framework.

If all of these weren’t enough, as 2018 started, cyber events also began to escalate:

  • Many vulnerabilities in the Meltdown and Spectre microprocessors were discovered.
  • USA has identified Russia as the source of many attacks on US infrastructure and manufacturing.
  • A revised version of TRITON/TRISIS started attacking more brands and security hardware and managed to breach several US firms.
  • Further vulnerabilities were detected in several types of industrial hardware and software.

These attacks and other cyber events don’t seem to show any signs of stopping, which is why it’s becoming more and more important to focus on cybersecurity and getting better systems that will help stave off these attacks.

Related Articles



Editor’s Pick: Featured Article

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s scalable engineering software, u-control 2000, adapts individually to your requirements. And, the u-control is powerful, compact and fully compatible with Weidmüller’s I/O system u-remote. This article looks at what makes u-control the heart of your automation.

Programmable logic controllers (PLCs) are one of the main components of any automated system. A typical control system has inputs, outputs, controllers (i.e., PLCs), and some type of human interaction with the system, a human machine interface (HMI), for example.

Read More



Latest Articles

  • Functional Safety, Industrial Security and Explosion Protection for the Hydrogen Industry

    September 30, 2024 Hydrogen (H2) is considered the energy source of the future. It will play a key role in the transition to a sustainable power supply. Pilz is contributing to this transition by optimising the generation of green hydrogen from renewable energy sources such as wind power or photovoltaics as well as the safe… Read More…

  • ABB Technology Helps Make Scientific Discoveries from Space

    September 30, 2024 Recent scientific discoveries reported by the Canadian Space Agency expose a chemical process in the atmosphere through which intense wildfires contribute to ozone layer depletion. These discoveries have been made possible by ABB technology on board the SCISAT satellite. Introduction Launched in 2003, the Canadian Space Agency’s SCISAT satellite tracks changes in… Read More…