In the movie, Die Hard 4: Live Free or Die Hard, internet-based terrorist and former U.S. Department of Defense, decides to take down America by crippling its commercial and industrial infrastructure hacking into the very computers that manage these systems.
The tools used for the hacking in the movie are NMAP or Network Mapper, a network port scanner and service detector offering stealth SYN scan, ping sweep, FTP bounce, UDP scan, operating system discovery. It also happens to be a free and open-source utility.
While some argue that the hacking, in the movie, was too easy, the scenario is still plausible and we hear of this often enough as in the case of Triton or Trisis which targeted older versions of Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers.
FutureIoT spoke to Chakradhar Jonagam, Head Software Architect, Biqmind, to discuss among other things how organisations continue to struggle with security industrial infrastructure.
As operators and governments push the 5G story out, it remains just a matter of time before we see more cyberattacks against state and industrial infrastructure. The question is – what should enterprises and regulators be doing today?
What are the business applications of industrial IoT in Asia-Pacific?
Chakradhar Jonagam: With 85% of Asia Pacific organisations still in the early stages of cloud maturity, many have yet to unlock the real business value of cloud computing. Industrial IoT will find plenty of applications in bridging legacy technology onto the cloud, which still forms the backbone for many global MNCs across APAC.
This is where the adoption of a single framework by different industry stakeholders will ease their integration into the common cloud ecosystem regardless of markets or locations, without the need to rebuild all of their existing infrastructures.
Another common business application for industrial IoT is the ability to not just help organisations scale their operations across geography, but also by solutions – both hardware and software. Operating from a single framework also means that the adopted solutions must have a uniformed approach to dealing with data, especially when collecting from a variety of data sources like sensors, equipment or machines.
Edge computing again becomes a critical piece to the puzzle, in which data is collected across different sources, sites and devices must be interpreted similarly by different parties on the cloud. Along with other internal business and operational data, organisations can also potentially establish predictive models that will enable them to identify issues even before they arise by running remote diagnostics.
How will 5G impact IoT rollouts?
Chakradhar Jonagam: 5G data speed can operate 20 times faster and connect 1,000 times more devices than its 4G counterparts. This enables more devices to interact more efficiently with IoT networks. In addition to enhancing the mobile experience for consumers such as virtual reality content-streaming services, this increased speed and capacity is also a boon for a variety of industrial applications that require constant connectivity with no downtime.
For instance, in the context of the oil and gas industry, the harsh operating environments of oil rigs result in inconsistent connectivity to operational touchpoints. As such, the process in which operators collect data on output is often done so manually through every sensor scattered across the oil rigs.
With 5G networks, oil rig operators can leverage edge computing for visibility on its output, automating the collection of data in real-time to a centralised database where data can be processed, analysed and leveraged for more informed business actions. In the event of critical errors at the edge like gas leaks, seamless IoT connectivity is crucial for quick problem identification so more time can be allocated to addressing the issue.
A combination of edge and IoT will also bring automation that can improve working conditions in hazardous environments by providing better visibility of the environment.
What is the current state of security for IoT [or lack of it]?
Chakradhar Jonagam: Cybersecurity used to be an afterthought with the assumption that all devices are isolated, and therefore, not connected to the internet. However, as the number of IoT-connected devices is estimated to reach over 75 billion by 2025, they are starting to garner widespread attention from cybercriminals and law enforcers alike. Consumers and businesses are becoming more susceptible to security breaches than ever before, potentially giving hackers access to security cameras, factory operations and even medical devices.
Moving forward, we expect to see a lot more focus on addressing IoT vulnerabilities, as many of these devices are directly used by end-users in one way or another. Some common measures that will be enforced further include mandatory password changes as well as mutually authenticated protocols across multiple devices.
How do you effectively measure the impact of industrial IoT?
Chakradhar Jonagam: With multiple data points and systems, it is easy for organisations to get caught up in an ‘analysis paralysis’.
Whether it is to deliver top-line objectives or reduce bottom-line costs, there are three key pillars that organisations should consider. Firstly, measuring traditional time to production against accelerated time to value is a good gauge to how much more quickly organisations are able to perform a task with the deployment of cloud-native solutions.
The second measure is the cost savings generated from using fewer resources, time and infrastructure. Lastly, measuring productivity by determining the amount of repetitive work that has been automated, allows organisations to focus more on enterprise efforts.