Based on the discussions so far, you can probably appreciate the enormity of the opportunities the Industrial Internet presents. The unique convergence of Moore's law with mobile and cloud-based technologies is enabling several breakthroughs in predictive services, intelligent processes, efficient control, ubiquitous connectivity, newer streams of revenue, and above all better living standards.

As the network moves from the last mile to the last micron, field sensors, water irrigation pumps, and automobile engines are digitally transforming into data sources and sinks. Just as the orchestration of connectivity, analytics, and control varies across industry sectors, so does the nature of security vulnerabilities, attack surfaces, and cyber threats. In this section, cyber risk gaps are discussed for a few industry-specific IIoT use cases, which sets the IIoT security methodologies discussed in the rest of this book into perspective.

IoT connectivity in power generation and distribution (smart grids) is an important use case that enables utility companies to communicate with their retail and enterprise consumers. This bidirectional communication enables demand-based variable energy production, as well as fuel and cost optimization (NIST-SMG). With smart metering, utility workers no longer need to physically visit consumer premises to obtain meter readings. This makes metering and billing more accurate and cost-efficient. Accuracy in tracking and reporting usage enables utility companies to gain better insights into customer energy usage profiles, which enables them to optimize usage and defer usage away from peak hours.

A power generation utility is a typical example of a system of systems, with highly distributed control systems and networks. Smart grids are, in general, implemented in a way that depends massively on TCP/IP networks, both wired and wireless.

In many power generation facilities around the globe, the cyber defense practices utilized today are often outdated. Inadequate use of risk management practices and security controls such as industrial firewalls with DPI capabilities and access control render these facilities exposed to cyber risks.

As critical infrastructures, the impact of a cyberattack in these facilities could potentially cascade onto other interdependent systems, such as water purification facilities, smart city traffic control systems, and so on. In Chapter 9, Real-World Case Studies in IIoT Security, the anatomy of a power grid cyberattack is discussed elaborately.

Data suggests that energy sectors are more prone to cyberattacks and more than 15% of industrial cyberattacks target the energy sector (ENER-SYMT). Stuxnet, Duqu, Shamoon, and Night Dragon are infamous security incidents that targeted the energy sector. Internet threats are one of the prime concerns in the energy sector, compounded with the ubiquity of legacy systems, which were originally designed as air-gapped systems and still remain to be fortified with security controls.

In manufacturing plants, unscheduled downtime has always been the top reason for lost productivity. Critical asset failures largely contribute to these unplanned shutdowns. Finding effective ways to predict and prevent asset failures on the factory floor has always been a hard-to-win battle. Today, the evolving framework of IoT enables us to better manage physical assets using smart sensing, scaled connectivity, and data-driven predictability. Using the IIoT framework, manufacturing plants can deploy instrumentation across the factory processes to establish a digital continuum, which connects information and utilizes actionable data. Real-time analysis of this data enables early fault detection and data-driven decision making, which in turn helps minimize unplanned downtime and improve performance, and therefore increase profits.

In manufacturing, legacy technologies, inadequate cybersecurity skills among OT operators to conduct timely patches, upgrades, segmentation, perimeter-based defense, and so on pose a serious cyber risk. The interplay of multiple vendors owning the various components of an IIoT solution and the vulnerabilities in third-party systems, such as unsecured APIs, lack of permission-based access, the use of clear text, and so on, need to be carefully examined:

In June 2010, 14 industrial sites, including a uranium-enrichment plant, were infected by a 500 KB computer worm called Stuxnet. The worm entered one of the computers through a USB stick, and feigned a trustworthy digital certificate to evade automated detection systems. It proliferated via the enterprise LAN and infected air-gapped computers, owing to its ability to be transmitted through a USB drive.

The worm attacked in three phases:

• Phase 1: Targeted Microsoft Windows machines and networks.
• Phase 2: Checked whether the ICS was controlled by Siemens Step7, a Windows-based application used to control centrifuges in Iranian nuclear plants. If the system was not a target, Stuxnet did nothing except spy on its sensitive information.
• Phase 3: It attacked PLCs that controlled the centrifuges.

The Stuxnet worm was unusually smart and exploited four zero-day vulnerabilities, namely:

• The LNK vulnerability: LNK is a file shortcut in Microsoft Windows
• Shared printer-spooler vulnerability: Used to spread in shared printers in a LAN
• Privilege escalation vulnerability: To gain system-level privileges even in thoroughly locked down computers

After infecting the controller system, the worm would relay false feedback information to upstream controllers to evade threat detection until it was too late. The Stuxnet worm was estimated to have destroyed 984 uranium enriching centrifuges, which is estimated to have contributed to a 30% decrease in enrichment efficiency (STN-REP).

From the flow of the attack, it seemed obvious that financial gain was not the goal of this attack. The sophistication of the attack suggests the involvement of nation state actors. Although the exact motive of the attack is debatable, the worm specifically targeted the Siemens systems used in the Iranian nuclear plants. To be able to slow down the Iranian fuel enrichment program is also widely accepted as a possible motive.

The Stuxnet cyberattack amply testifies to the impact of a breach in mission-critical industrial control systems, which are widely used in power generation, manufacturing, automobiles, and so on.

A few key takeaways from this incident are as follows:

• Industrial systems can be infected, even if they are air-gapped. LAN connectivity accentuates this risk. The internet and cloud connectivity allow for much easier proliferation, thus multiplying the risk by many factors.
• Financial gain is usually not the goal of industrial attacks. Reports indicate that subverting the Iranian fuel enrichment program was the motive of Stuxnet. In any case, the role of nation state actors in industrial cyberattacks is amply showcased in this case and the impact of such breaches can potentially lead to warfare-like consequences, often dubbed the "Cyber-Pearl-Harbor."

Driverless, autonomous vehicles taking over the city's roads is the grandest human dream of this decade. Fuel efficiency, hassle-free commuting, parking efficiencies, traffic and road safety, reduction in harmful fuel emissions, and so on are the advantages associated with the vision of autonomous vehicles. While we may have to wait some more years before we can live in this dream, internet-enabled connected vehicles and fleet management are very much a reality. Connected sensor meshs, communications using vehicle to vehicle (V2V) and vehicle to infrastructure (V2I), telemetry, AI and machine learning, cloud connectivity, and so on are the building blocks to make connected vehicles a reality. General Motor's OnStar, Ford's Sync, and Chrysler's Uconnect are some examples of early-stage connected vehicle technologies that are already in use.

Road safety, mobility, and the environment are the top priorities of the connected vehicle program that the US Department of Transportation (DOT) is driving, in partnership with state and local transportation agencies. The National Highway Traffic Safety Administration (NHTSA) estimates that connected vehicles can reduce the 5 million recorded crashes on US roads by 80% (DOT-VHC). According to DOT, surface transportation loses nearly 4 billion gallons of gas each year due to traffic congestion, which also significantly adds to the greenhouse gases (GHG) that vehicles emit. Smart traffic controls thus equate to both fuel and environmental efficiency.

Nextgen connected vehicle communication uses dedicated short-range communications (DSRC), in addition to cellular, GPS, Bluetooth, and so on, to gain 360-degree road awareness. Forward Collision Warning (FSW) doesn't depend on line-of-sight. Considering a driver's data privacy, vehicle information—heading, position, speed, and so on—are communicated using Basic Safety Messages (BSM), which eliminates any personal identifying information (PII) regarding the vehicle or the driver.

In connected vehicles, several complex technologies intricately interplay. The software and hardware often involve multiple vendors. Cloud connectivity provides inroads for black hat hackers. Vulnerabilities in an automobile's control area network (CAN) databus, use of insecure APIs in the software modules, lack of permission control for third-party applications, inadequate "security by design" practices, and penetration testing provide a wide attack surface that can very well shatter our smart transportation dreams.

By exploiting a software bug, security experts Charlie Miller and Chris Valasek demonstrated the fatal consequences of an on-the-road hack when they wirelessly sabotaged a 2014 Jeep Cherokee. The full exploit is explained in Miller and Velesek's report (http://illmatics.com/Remote%20Car%20Hacking.pdf)

Several IoT applications are digitally transforming healthcare systems around the world. Some of the common IoT use cases are connected hospitals, where connected medical devices are simplifying critical patient monitoring instruments. In hospitals, smart medical equipment provides accurate data and reduces cluttered wiring, thus reducing human error-related accidents. Remote monitoring of patients, particularly the elderly, is also a promising use case.

Real-time tracking of medical devices and personnel (such as doctors) in large healthcare facilities is possible by using Bluetooth low-energy (BLE) and RFID. Real-time OS and high throughput data buses allow the cloud connectivity of medical equipment to optimize equipment usage, reduce cost, and improve patient care with instant reports and health analytics. In the pharmaceutical industry, robotics and biosensors are improving the quality of drug manufacturing. IoT also improves visibility into the supply chain of pharmaceuticals, ensuring improved drug quality and patient safety.

In November 2017, for the very first time, the Food and Drug Administration (FDA) approved a digital pill (FDA-MED). A digital pill is a medication that's embedded with a sensor that can tell doctors whether and when patients take their medicine. Since critical medical devices and drugs are linked to human life/death conditions, conformance to FDA regulation is a helpful safety gate. Although regulatory intervention holds the reins for healthcare digitization, connected medical devices and hospitals are a reality today. Black hat incidents in hospitals also testify to the fluid attack surfaces that have been exposed with the adoption of internet connectivity in this slow-moving sector.

May 2017 saw one of the worst cyberattacks in medical history, which crippled the UK's National Health Service with the WannaCry ransomware. Outdated software and applications, legacy systems, and inadequate cybersecurity practices pose major risks for black hat exploits. Inadequate cybersecurity awareness among hospital staff, and the lack of security disciplines such as regular patch cycles, and so on add to the risk factors. In the case of a cybersecurity breach, loss of confidential information such as a patients' medical and financial records is bad enough, but an OT cyber incident can also temper with medication and monitoring devices, which could cost human lives.

In May 2017, WannaCry ransomware spread across enterprises in 150 countries. The ransomware was combined with a Microsoft Windows Server Message Block (SMB) protocol exploit called EternalBlue (ETN-WRD). The IT infrastructure in enterprises including Telefonifa, Santander, Deutsche Bank, Fedex, and so on was infected. However, the biggest impact was seen in hospitals belonging to the UK's National Health Service (NHS), where swathes of computers were infected, forcing hospitals to turn away patients and cancel surgeries.

The EternalBlue exploit, when successfully delivered, grants admin access to every connected system in an Enterprise IT infrastructure. The vulnerability existed in legacy Miscrosoft Windows versions—Windows 7 and 8, XP, and 2003.

The WannaCry cyberattack went viral quickly and proved the notion of multipliers in force in a connected business world. The impact on the UK's NHS hospitals exposed two facts:

• The cyber risk gaps prevalent in OT environments: The lack of a security patch that exposed the NHS's network to the WannaCry cyberattack, which had been released by Microsoft two months prior to the attack. Threats such as WannaCry highlighted the gap in organizations' priorities and understanding to apply security patches in a timely manner. Newer operating system versions integrate many security fixes over their predecessors. WannaCry affected deprecated Windows operating systems, which meant that Windows 10 escaped unscathed. Lack of enterprise-wide software and hardware upgrades and the use of outdated legacy software is often seen in industrial enterprises. This extends the attack surface in OT environments.
• How a cyber incident can impact healthcare processes and patients: Although there has been no reports of fatal consequences, the attack reportedly locked out numerous devices in acute care facilities (trusts), blood testing and diagnostic equipment, and MRI scanners, leading to the cancellation of thousands of appointments and operations (DIG-HLT).