IIoT Vulnerabilities Rise as Cyber Threats Target Edge Devices

Research by Positive Technologies reveals a growing threat to the industrial Internet of Things (IIoT), with attackers increasingly targeting edge devices such as sensors and controllers. These devices are highly vulnerable to various security risks, including hardware vulnerabilities, firmware flaws, malware, weak passwords, and unsecured internet access. The research also highlights breaches in data transmission protocols and IoT gateway hacks, alongside cyber threats targeting analytical systems and specific industrial software.

IoT adoption surged in 2023, especially across sectors like healthcare, manufacturing, telecommunications, and agriculture, as reported by Fortune Business Insights. Companies are embracing IIoT solutions to enhance production and technological process monitoring, automate adjustments, and analyze IT equipment states. In industries like power engineering, IIoT facilitates the upgrade of power supply channels with smart grids. In the petrochemical industry, IIoT helps in automatically detecting deviations from production standards. The metallurgy sector benefits from IIoT’s ability to collect data from hard-to-reach sensor locations, while mechanical engineering uses it for real-time monitoring and analysis of both equipment and personnel performance.

As automation increases, more companies are adopting advanced technologies like AI, including creating digital twins to simulate the performance of industrial systems under various conditions. These technologies enable businesses to monitor equipment and detect malfunctions before they occur, reducing the risk of costly downtimes. Ekaterina Snegireva, Senior Analyst at Positive Technologies, explains how IoT and data analytics are playing a key role in proactive monitoring and system testing.

The industrial sector has long been a prime target for cybercriminals, with the manufacturing industry being particularly vulnerable. In the first three quarters of 2024, 19% of attacks on manufacturing companies were attributed to APT groups. Malware, including ransomware, social engineering, and vulnerability exploitation, were common methods used by attackers. Cybercriminals are also using legitimate software to evade detection, making it harder for security measures to identify and block threats. Dark web forums have become a hub for selling attack tools and providing guides on executing cyberattacks. For instance, an exploit allowing attackers to hijack an IoT gateway can be purchased for around $1,000.

The primary goal of cybercriminals is to steal confidential information, with 65% of attacks targeting sensitive data, including trade secrets (37%). Additionally, 33% of incidents resulted in disruptions to production processes, causing significant operational setbacks for companies.

As the IIoT sector faces challenges related to insufficient standardization, some countries are taking proactive steps to strengthen security. In Russia, for example, the government is working alongside industry stakeholders on the digital transformation of IIoT. In 2024, Russia established its first certification body for trusted software and hardware systems, with plans to extend this certification to IIoT components.

To protect IIoT systems from these growing threats, experts recommend using tools like MaxPatrol O2 for autopilot cybersecurity. Companies should regularly conduct asset inventories, address vulnerabilities promptly, implement network segmentation, and secure their hardware and software supply chains. Regular staff training, participation in bug bounty programs, and ongoing security assessments are also critical in minimizing risks. Additionally, using PT Industrial Security Incident Manager can help monitor traffic within industrial networks, while MaxPatrol EDR offers protection by detecting targeted attacks on endpoint devices. By strengthening cybersecurity, companies can better safeguard their IIoT systems from evolving threats.