Security

Why Energy and Utility Companies Need to Invest in IoT Security

Protecting distributed devices and related systems requires careful planning and robust IT security solutions.

The Internet of Things is invigorating energy and utility companies, enabling them to take advantage of new business-enhancing and cost-saving technologies and practices. IoT offers, among many other things, the continuous monitoring of widely distributed operations, automated remote infrastructure control and the deployment of efficient smart-grid technologies.

Most importantly, IoT devices generate a continuous stream of Big Data, opening the door to deeper business insights and more informed decision-making.

But these benefits come with some risks. As organizations invest deeply in IoT-enabled monitoring, automation and data-gathering technologies, security risks grow, magnified by the fact that critical infrastructure is an irresistible target for cyberattackers.

“Utilities have a great deal of experience installing and managing different types of controls and monitors,” observes P.K. Agarwal, former CTO for the state of California and currently the regional dean and CEO of Northeastern University-Silicon Valley. “The challenge today, as a new generation of sensors is connected to the internet, is ensuring that the devices and the data they generate are protected from attackers and eavesdroppers.”

Although IoT adoption is just starting to take off, threat reports are already beginning to appear. First out of the gate, discovered in August 2016, was Mirai malware, which turns networked devices into remotely controlled nodes that can be used as part of a botnet in a large-scale distributed denial of service network attack. Devices infected with Mirai continuously scan the internet for IP addresses of IoT devices.

“Energy and utility companies represent high-value targets for external attackers, and their broad geographic diversity presents a challenge with a highly distributed attack surface,” observes John Reno, IoT product and solutions marketing manager for Cisco Systems. “Security risks from insiders and contractors represent an important group to consider in risk assessment as well.”

Utilities Need to Deploy Multiple Layers of Defense

IoT security threats are persistent and rapidly evolving. “Knowing that protecting every asset from every potential threat is not realistic, utilities instead manage their risk by deploying defense-in-depth strategies,” says Joy Ditto, president and CEO of the Utilities Technology Council, an industry trade organization.

Data encryption is one of the most powerful security tools available to IoT adopters. “The risks associated with IoT communications within energy and utility companies drives the requirement for encryption throughout the distributed IoT infrastructure,” Reno says.

Like Reno and most other security experts, Richard Ku, senior vice president with Trend Micro, believes that encryption is most effective when used wherever IoT data travels.

“All communication between endpoints and sensors to the edge and then to the cloud must be encrypted so that the data cannot be compromised and manipulated,” he says.

Authentication technology is also widely used to ensure that only approved users gain access to IoT networks and related systems. “Accessing information in the device, edge server or the cloud must require authentication and authorization with the right privilege to ensure no one can compromise the utility environment,” Ku says.

Next-generation firewalls are another important IoT security tool, offering features such as application awareness, stateful inspection and integrated intrusion protection system technology. “Next-generation firewalls offer security and operations teams important capabilities for segmentation, application visibility and threat management,” Reno says.

Physical security, including site access controls and surveillance technologies, constitute yet another essential part of the IoT security mosaic. Access control technologies, such as password-protected cabinets and gates, help energy and utility companies secure physical network assets against tampering and destruction. Video analytics solutions scrutinize live images in real time to detect unusual activities that could pose a threat to IoT technologies. “Video monitoring provides an important tool in mitigating physical security risks and protecting high-value assets,” Reno says.

In addition to managing cyberthreats and physical security, energy and utility companies must also address the business risks created by unplanned downtime caused by natural disasters, equipment failures and worker safety incidents. Agarwal notes that IoT technology itself can help companies prevent or shorten downtime while also protecting staff from the possibility of serious injury.

“A service team, for example, could get a text message, or some sort of warning automatically initiated by a sensor, indicating that a transformer at a specific location is malfunctioning and at risk of failing,” he says. “After viewing the data, the team would know what types of tools and safety gear would be needed to address the situation before a catastrophic failure occurs.”

Outsmarting IoT Attackers

IoT attackers, frequently backed by international criminal gangs, are generally well financed and intelligent. To defend their IoT systems against these sophisticated threats, energy and utility organizations must take a smart approach.

“Most of the cyberthreats known today will continue to exist and impact IoT devices and platforms, and we will see new and unknown types of attacks in the IoT space,” says Ku of Trend Micro. “Behavior technology, machine learning and threat intelligence will continue to provide threat prediction, detection and prevention.” Here’s how:

Behavioral analytics: These tools monitor networks for suspicious activities. Relying on a baseline of “normal” actions specific to an organization and its users, behavioral analysis tools quickly discern deviations from the norm that suggest the need for further investigation. Unusual behavior by itself may not indicate a problem, but after an analytics solution signals an alert, a security expert makes the final determination.
Machine learning: Artificial intelligence is now crucial to cybersecurity, protecting organizations from attacks and identifying potential threats. Machine learning relies on advanced algorithms that can assimilate normal user and device network activity patterns and detect anomalies. The approach mimics how the human immune system identifies and responds to threats.
Threat intelligence: The collection of information about existing or emerging network threats (such as context, mechanisms, indicators and implications) can help security experts reach informed decisions about how to mount a strong defense.

were1962/Getty Images