Security Professionals Expect More Attacks On IIoT in 2017

As technology vendors race to create more and more devices connected to the Internet of Things (IoT) the opportunity for hackers to get into these devices grows larger and larger, as these IoT devices are usually made with little to no regard for security.

The fears of a large-scale attack waiting to happen were solidified this week when security firm Tripwire released the results of a study it performed about the rise of industrial IoT deployment in organizations, and to what extent it is expected to cause security problems in 2017. The IIoT includes segments ranging from critical infrastructure such as energy and utilities all the way to government, health care and finance. Not surprisingly, more than 50 percent of the security professionals surveyed said they weren’t prepared for an IIoT attack, and 96 percent expected to see an increase in such attacks this year.

“Industry professionals know that the Industrial Internet of Things security is a problem today. More than half of the respondents said they don’t feel prepared to detect and stop cyber attacks against IIoT,” said said David Meltzer, CTO at Tripwire. “There are only two ways this scenario plays out: Either we change our level of preparation or we experience the realization of these risks.”

 The one glimmer of light in the data is that 64 percent of respondents say they already are recognizing the need to protect against IIoT attacks. Security tends to lag behind when a new platform or technology emerges, and IIoT is proving to be no exception to that rule.

“As industrial companies pursue IIoT, it’s important to understand the new threats that can impact critical operations. Greater connectivity with operational technology (OT) exposes operational teams to the types of attacks that IT teams are used to seeing, but with even higher stakes,” Robert Westervelt, research manager at IDC, said in a statement.

“The concern for a cyber attack is no longer focused on loss of data, but safety and availability. Consider an energy utility as an example – cyber attacks could disrupt power supply for communities and potentially have impact to life and safety.”

Scroll to Top