Search This Blog

Fixing Insecure Operational Technology That Threatens the Global Economy

A CAN-based approach to fixing insecure operational technology that threatens the global economy.

 


Considering the widespread technology leading to cyberattacks, the demand for work to safeguard the systems and networks also increases. Many techniques have been developed for protecting bits and bytes of computer networks, yet no such method has been discovered for strengthening the physical framework which handles the world’s economy. 

In many countries, operational technology (OT) platforms have largely polluted traditional physical infrastructures as they have been able to computerize their entire physical infrastructure, whether it is buildings, bridges, trains, and cars, or the industrial equipment and assembly lines that work hard to generate an economy's wealth. Even after so many updates in the tech world, if there is any cyberattack with new technology on things like planes or beds, it will be completely whimsy. There is a definite requirement to take proper care and actions to avoid destructive damage caused due to such attacks.  

Consider, for instance, a scenario in which our country's northeast regions are left without heat in the middle of a brutal cold snap. This is the result of an attack on an energy plant. If such an attack was carried out, imagine the enormous amount of hardship that would be caused and even death - as homes would turn dark, businesses would lose customers, hospitals would have trouble operating, and airports would be shut down. 

The first idea was that this kind of cyber threat could be a prime target for physical infrastructure when the Stuxnet virus emerged over a decade ago. At least 14 industrial sites, including a uranium enrichment plant in Iran, were infected by a malicious threat known as Stuxnet, which inserted malware into the software. 

Built-in vulnerabilities 

Operational technology manufacturers have always had a problem in which they did not design their products with security in mind when they developed them. Thus, trillions of dollars worth of OT assets are incredibly vulnerable today, which has led to tremendous financial losses. Almost all the products in this category are designed to use microcontrollers that communicate over controller area networks (CANs), which are insecure. 

As well as for passenger vehicles and agricultural equipment, the CAN protocol is used in an extensive range of other products, such as medical instruments and building automation systems. However, it does not include mechanisms for supporting secure communications. Additionally, it lacks authentication and authorization. When a CAN frame is sent, it does not involve any information about the sender's address hence the recipient's address cannot be determined from the CAN frame. 

Thus, there has been a considerable increase in the vulnerability of CAN bus networks to malicious attacks, as a consequence, especially with the expansion of the cyberattack landscape. We, therefore, need to come up with more advanced approaches and solutions to better secure CAN buses and protect vital infrastructures to better secure them. 

As we examine what can happen if a CAN bus network is compromised, let us first examine what might happen if we consider what this security should look like. Several microprocessors are interconnected by a CAN bus. They act as a communication channel that is shared by all of them. The CAN bus makes it possible for several systems within an automobile. For example, to communicate seamlessly over a common channel. The CAN bus allows the engine system, combustion system, braking system, and lighting system to operate seamlessly in communicating.

However, hackers can still send random messages in compliance with the protocol and interfere with CAN bus communication because it is inherently insecure. Consider the havoc that would ensue if even a small-scale hack of an automated vehicle occurred, transforming these cars into a swarm of potentially lethal objects, causing an unimaginable amount of disaster and mayhem. 

As much as the automotive industry is facing the challenge of designing a well build, embedded security mechanism to protect CAN, the challenge is that it must achieve high fault tolerance while keeping costs low. Ultimately, these startups will be able to defend all our physical assets, including planes, trains, and manufacturing systems from cyberattacks. 

How OT Security Would Work 

How would such a company look if it existed? By intercepting data from the CAN and deconstructing the protocol, this kind of application could enrich and alert anomalous communication traffic traversing the OT data bus. This is ranging the CAN. An operator of high-value physical equipment, having such a solution installed, would be able to gain real-time, actionable insight into anomalies and intrusions within their systems - and hence would be better equipped to thwart any cyberattacks that may occur. 

Usually, this type of company comes from the defense industry, but it can also come from other sectors. As well as having the potential to examine various machine protocols, it will also have a lodged data plane with deep foundational technology. 

A $10 billion-plus opportunity can easily be created with the right team and support. Protecting the physical infrastructure of our country is one of the most imperative obligations that we have. Hence, there is a clear need for new solutions, concentrated on hardening critical assets against cyberattacks, which can provide a practical solution to the problem.
Share it:

CAN

Cyber Security

Operational Technology

Vulnerabilities