How to fix insecure operational tech that threatens the global economy.
Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.
Today, with the rampant spread of cybercrime, there is a tremendous amount of work being done to protect our computer networks — to secure our bits and bytes. At the same time, however, there is not nearly enough work being done to secure our atoms — namely, the hard physical infrastructure that runs the world economy.
Nations are now teeming with operational technology (OT) platforms that have essentially computerized their entire physical infrastructures, whether it’s buildings and bridges, trains and automobiles or the industrial equipment and assembly lines that keep economies humming. But the notion that a hospital bed can be hacked — or a plane or a bridge — is still a very new concept. We need to start taking such threats very seriously because they can cause catastrophic damage.
Imagine, for instance, an attack on a major power generation plant that leaves the Northeast U.S. without heat during a particularly brutal cold spell. Consider the tremendous amount of hardship — and even death — that this kind of attack would cause as homes go dark, businesses get cut off from customers, hospitals struggle to operate and airports shut down.
The Stuxnet virus, which emerged more than a decade ago, was the first indication that physical infrastructure could be a prime target for cyberthreats. Stuxnet was a malicious worm that infected the software of at least 14 industrial sites in Iran, including a uranium enrichment plant.
The Stuxnet virus has since mutated and spread to other industrial and energy-producing facilities all over the world. The reality is that critical infrastructure everywhere is now at risk from Stuxnet-like attacks. Indeed, security flaws lurk in the critical systems used in the most important industries around the globe, including power, water, transportation and manufacturing.
The problem is that operational technology manufacturers never designed their products with security in mind. As a result, trillions of dollars in OT assets are highly vulnerable today. The vast majority of these products are built on microcontrollers communicating over insecure controller area network (CAN) buses. The CAN protocol is used in everything from passenger vehicles and agricultural equipment to medical instruments and building automation. Yet it contains no direct support for secure communications. It also lacks all-important authentication and authorization. For instance, a CAN frame does not include any information about the address of the sender or the receiver.
As a result, CAN bus networks are increasingly vulnerable to malicious attacks, especially as the cyberattack landscape expands. This means that we need new approaches and solutions to better secure CAN buses and protect vital infrastructure.
Before we talk about what this security should look like, let’s examine what can happen if a CAN bus network is compromised. A CAN bus essentially serves as a shared communication channel for multiple microprocessors. In an automobile, for instance, the CAN bus makes it possible for the engine system, combustion system, braking system and lighting system to seamlessly communicate with each other over the shared channel.
But because the CAN bus is inherently insecure, hackers can interfere with that communication and start sending random messages that are still in compliance with the protocol. Just imagine the mayhem that would ensue if even a small-scale hack of automated vehicles occurred, turning driverless cars into a swarm of potentially lethal objects.
The challenge for the automotive industry — indeed for all major industries — is to design a security mechanism for CAN with strong, embedded protection, high fault tolerance and low cost. That’s why I see massive opportunity for startups that can address this issue and ultimately defend all our physical assets — every plane, train, manufacturing system, and so on —from cyberattack.
What would such a company look like? Well, for starters, it could attempt to solve the security problem by adding a layer of intelligence — as well as a layer of authentication — to a legacy CAN bus. This kind of solution could intercept data from the CAN and deconstruct the protocol to enrich and alert on anomalous communications traversing OT data buses. With such a solution installed, operators of high-value physical equipment would gain real-time, actionable insight about anomalies and intrusions in their systems — and thus be better equipped to thwart any cyberattack.