How to fix insecure operational technology that threatens the global economy


Today, with the rampant spread of cybercrime, an enormous amount of work is being done to protect our computer networks, to secure our bits and bytes. At the same time, however, not enough work is being done to protect our atoms, that is, the strong physical infrastructure that runs the world economy.

Nations are now replete with operational technology (OT) platforms that have essentially computerized their entire physical infrastructure, whether it be buildings and bridges, trains and automobiles, or the industrial equipment and assembly lines that keep economies running. But the notion that a hospital bed can be hacked, or a plane, or a bridge, is still a very new concept. We need to start taking such threats very seriously because they can cause catastrophic damage.

Imagine, for example, an attack on a major power generation plant that leaves the Northeastern US without heat during a particularly brutal cold snap. Consider the enormous amount of hardship, and even death, this type of attack would cause as homes are left in the dark, businesses are cut off from customers, hospitals struggle to operate, and airports close.

The Stuxnet virus, which emerged more than a decade ago, was the first indication that physical infrastructure could be a prime target for cyber threats. Stuxnet was a malicious worm that infected the software of at least 14 industrial sites in Iran, including a uranium enrichment plant.

Since then, the Stuxnet virus has mutated and spread to other industrial and power-producing facilities around the world. The reality is that critical infrastructure everywhere is now at risk of attacks similar to Stuxnet. In fact, security flaws lurk in critical systems used in the world’s most important industries, including power, water, transportation, and manufacturing.

Built-in vulnerability

The problem is that the manufacturers of operational technology never designed their products with security in mind. As a result, trillions of dollars in OT assets are highly vulnerable today. The vast majority of these products are based on microcontrollers that communicate over insecure Controller Area Network (CAN) buses. The CAN protocol is used in everything from passenger vehicles and farm equipment to medical instruments and building automation. However, it does not contain direct support for secure communications. It also lacks all-important authentication and authorization. For example, a CAN frame does not include any information about the sender’s or receiver’s address.

As a result, CAN bus networks are increasingly vulnerable to malicious attacks, especially as the cyber-attack landscape expands. This means that we need new approaches and solutions to better secure CAN buses and protect vital infrastructure.

Before we talk about what this security should look like, let’s examine what can happen if a CAN bus network is compromised. A CAN bus essentially serves as a shared communication channel for multiple microprocessors. In a car, for example, the CAN bus makes it possible for the engine system, combustion system, brake system, and lighting system to communicate with each other seamlessly over the shared channel.

But because the CAN bus is inherently insecure, hackers can interfere with that communication and start sending random messages that are still compliant with the protocol. Imagine the chaos that would ensue if even a small-scale hack of automated vehicles took place, turning driverless cars into a swarm of potentially lethal objects.

The challenge for the automotive industry, indeed for all major industries, is to design a security mechanism for CAN with strong, built-in protection, high fault tolerance, and low cost. This is why I see a huge opportunity for startups that can address this issue and ultimately defend all of our physical assets (every plane, train, manufacturing system, etc.) from cyberattacks.

How OT security would work

What would such a company look like? Well, for starters, it could try to solve the security problem by adding an intelligence layer, as well as an authentication layer, to a legacy CAN bus. This type of solution could intercept CAN data, deconstruct the protocol to enrich that data, and alert on abnormal communications traversing OT data buses. With such a solution in place, operators of high-value hardware would gain real-time, actionable insights into anomalies and intrusions into their systems, and thus be better equipped to thwart any cyberattacks.
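The monitoring idea described above, together with the earlier point that a CAN frame names no sender, can be shown with a passive detector that baselines each arbitration ID and alerts on departures. This is an added example, not code from the article or from any vendor; the log lines are constructed in the `candump -L` log format, and the function names, IDs and the 0.5 tolerance are assumptions.

```python
import math
import re

# Classic-CAN data frames in candump -L log form: "(time) iface ID#HEXDATA".
# A frame carries an arbitration ID and payload only; there is no sender field.
FRAME = re.compile(
    r"\((\d+\.\d+)\)\s+\S+\s+([0-9A-Fa-f]{3}|[0-9A-Fa-f]{8})#((?:[0-9A-Fa-f]{2}){0,8})")

def parse(line):
    m = FRAME.fullmatch(line.strip())
    if not m:
        raise ValueError(f"unsupported log line: {line!r}")
    return float(m.group(1)), int(m.group(2), 16), bytes.fromhex(m.group(3))

def learn(lines):
    """Per-ID baseline from known-good traffic: payload lengths seen, smallest gap."""
    base, last = {}, {}
    for ts, cid, data in map(parse, lines):
        b = base.setdefault(cid, {"lengths": set(), "min_gap": math.inf})
        b["lengths"].add(len(data))
        if cid in last:
            b["min_gap"] = min(b["min_gap"], ts - last[cid])
        last[cid] = ts
    return base

def detect(lines, base, tolerance=0.5):
    """Return (time, id, reason) alerts for traffic that departs from the baseline."""
    alerts, last = [], {}
    for ts, cid, data in map(parse, lines):
        b = base.get(cid)
        if b is None:
            alerts.append((ts, cid, "unknown-id"))
        else:
            if len(data) not in b["lengths"]:
                alerts.append((ts, cid, "unexpected-length"))
            # A second transmitter on a periodic ID shows up as frames arriving too fast.
            gap_floor = b["min_gap"] * tolerance
            if cid in last and math.isfinite(gap_floor) and ts - last[cid] < gap_floor:
                alerts.append((ts, cid, "rate-anomaly"))
        last[cid] = ts
    return alerts

# Constructed sample traffic (not captured from any real system).
BASELINE = [f"({1 + i * 0.010:.6f}) can0 0C4#0102030405060708" for i in range(20)] \
         + [f"({1 + i * 0.100:.6f}) can0 1A0#00112233" for i in range(5)]
LIVE = ["(5.000000) can0 0C4#0102030405060708", "(5.010000) can0 0C4#0102030405060708",
        "(5.012000) can0 0C4#FFFFFFFFFFFFFFFF", "(5.020000) can0 0C4#0102030405060708",
        "(5.030000) can0 5B3#00", "(5.100000) can0 1A0#0011"]

if __name__ == "__main__":
    for ts, cid, reason in detect(LIVE, learn(BASELINE)):
        print(f"{ts:.6f} id=0x{cid:03X} {reason}")
```

Because the frame itself cannot say who sent it, the detector can only infer an extra transmitter from timing and shape, which is why the article pairs this intelligence layer with an authentication layer.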

This type of company will likely come from the defense industry. It will have deep fundamental technology in the embedded data plane, as well as the ability to analyze various machine protocols.

With the right team and support, this is easily a $10+ billion opportunity. There are few obligations more important than protecting our physical infrastructure. That is why there is a pressing need for new solutions that are deeply focused on hardening critical assets against cyberattacks.

Adit Singh is a partner at Cota Capital.
