Increasing sophistication of identity attacks
IT departments in the financial industry are challenged by user-identity-related attacks, which are on a steady rise. According to a study (JSRS), in the year 2016, the financial losses in the USA alone had climbed to 16 billion USD. In the IIoT context, however, the goal of identity-based attacks is not always money. Well-funded nation state threat actors are involved to design and launch attacks to cause a long-term impact on corporate branding, or even cause a municipal or national crisis. Cyberattacks are usually coordinated; if one system fails, the impact cascades to other interconnected systems. An attack may compromise both the primary and backup systems. These days IoT botnets, involving millions of compromised IoT devices, are regularly used to inject malware and launch DDoS and ransomware attacks.
Sufficient funding and sophisticated techniques to leverage exploits and zero-day vulnerabilities make industries more susceptible to identity attacks, and security architects must factor this into their IAM strategy.
Since industrial systems are characterized by a long lifespan, what is safe today may not be safe 5 or 10 years from now. It is hard to improvise security during operations. Unlike IT, in OT environments patching is typically not a practical option, nor is device downtime or replacement. Safety tools—such as crypto algorithms RSA, AES, and ECC—also need updating as new attack types are exposed. So, IIoT stakeholders need to assess their current risks and project them out by 10-15 years, and plan for security by factoring in safety, reliability, and cost-effectiveness.