K
Kathleen Martin
Guest
The energy sector’s adoption of Internet of Things tools has continued to increase over the past few years, and it shows no signs of slowing down. Tools such as smart meters have provided flexibility and resilience, as well as cost savings.
Along with those benefits, however, come new security concerns. According to a McKinsey article on the topic, “utilities have geographic vulnerabilities in consumer-facing devices (either utility owned or simply grid connected) that may contain cyber vulnerabilities that could compromise either a company’s revenue or the overall security of the grid.”
Each IoT device is a potential target for cybercriminals. As Trend Micro notes in a company blog post, “IoT security is critical largely because of the expanded attack surface of threats that have already been plaguing networks. Adding to these threats are insecure practices among users and organizations who may not have the resources or the knowledge to best protect their IoT ecosystems.” The post notes that these security issues include vulnerabilities, malware, escalated cyberattacks and device mismanagement.
Safeguarding Data in an Expanding Threat Landscape
Security is top of mind for the energy sector in the wake of highly publicized ransomware attacks on utilities over the past year. But the attack surface has broadened even further as energy providers have rolled out IoT devices during the pandemic.
Most utilities serve large geographical areas, and unmanned IoT devices have made it more possible to provide uninterrupted service from a more stable grid. However, as McKinsey points out, “both geographic distance and organizational complexity make the industry vulnerable to cyberattacks.”
Still, cyberthreats are not insurmountable if companies take a structured approach to security “that applies communication, organizational, and process frameworks along with technical improvements in a few areas can significantly reduce cyber-related risks for utilities,” according to McKinsey.
Common Security Concerns Presented by IoT Devices
Despite their many benefits, IoT devices can become security concerns “by giving cyber criminals access to connected networks, enabling them to steal critical corporate data and user credentials,” according to Fortinet. “Organizations therefore must understand how to secure IoT devices and recognize the top IoT vulnerabilities they face.”
Among the vulnerabilities Fortinet lists, the use of weak and recycled passwords is a common issue. Insecure networks also present a security risk: “Insecure networks make it easy for cyber criminals to exploit weaknesses in the protocols and services that run on IoT devices. Once they have exploited a network, attackers can breach confidential or sensitive data that travels between user devices and the server.”
Improper device management and failing to regularly update and patch software programs can also contribute to a breakdown of security for IoT devices. “This is because vulnerabilities can come from any layer of IoT devices. Even older vulnerabilities are still being used by cybercriminals in order to infect devices, demonstrating just how long unpatched devices can stay online,” according to Trend Micro.
Continue reading: https://biztechmagazine.com/article/2022/02/what-utilities-should-know-about-iot-security
Along with those benefits, however, come new security concerns. According to a McKinsey article on the topic, “utilities have geographic vulnerabilities in consumer-facing devices (either utility owned or simply grid connected) that may contain cyber vulnerabilities that could compromise either a company’s revenue or the overall security of the grid.”
Each IoT device is a potential target for cybercriminals. As Trend Micro notes in a company blog post, “IoT security is critical largely because of the expanded attack surface of threats that have already been plaguing networks. Adding to these threats are insecure practices among users and organizations who may not have the resources or the knowledge to best protect their IoT ecosystems.” The post notes that these security issues include vulnerabilities, malware, escalated cyberattacks and device mismanagement.
Safeguarding Data in an Expanding Threat Landscape
Security is top of mind for the energy sector in the wake of highly publicized ransomware attacks on utilities over the past year. But the attack surface has broadened even further as energy providers have rolled out IoT devices during the pandemic.
Most utilities serve large geographical areas, and unmanned IoT devices have made it more possible to provide uninterrupted service from a more stable grid. However, as McKinsey points out, “both geographic distance and organizational complexity make the industry vulnerable to cyberattacks.”
Still, cyberthreats are not insurmountable if companies take a structured approach to security “that applies communication, organizational, and process frameworks along with technical improvements in a few areas can significantly reduce cyber-related risks for utilities,” according to McKinsey.
Common Security Concerns Presented by IoT Devices
Despite their many benefits, IoT devices can become security concerns “by giving cyber criminals access to connected networks, enabling them to steal critical corporate data and user credentials,” according to Fortinet. “Organizations therefore must understand how to secure IoT devices and recognize the top IoT vulnerabilities they face.”
Among the vulnerabilities Fortinet lists, the use of weak and recycled passwords is a common issue. Insecure networks also present a security risk: “Insecure networks make it easy for cyber criminals to exploit weaknesses in the protocols and services that run on IoT devices. Once they have exploited a network, attackers can breach confidential or sensitive data that travels between user devices and the server.”
Improper device management and failing to regularly update and patch software programs can also contribute to a breakdown of security for IoT devices. “This is because vulnerabilities can come from any layer of IoT devices. Even older vulnerabilities are still being used by cybercriminals in order to infect devices, demonstrating just how long unpatched devices can stay online,” according to Trend Micro.
Continue reading: https://biztechmagazine.com/article/2022/02/what-utilities-should-know-about-iot-security
