By: Joeri Jungschlager
May 5, 2019
6 steps to IoT disaster

IoT is the buzzword used for prototyping, for new technologies like ultra narrowband, and for updated machine-to-machine (M2M) communication. There are a lot of good developments out there, but there are also people, mainly consultants, who are very comfortable with what they have always done, and that results in cybersecurity disasters for operational technology (OT). A couple of questions cannot seem to be answered by people stuck in the traditional field of Information Technology. So let's go through a common scenario of a wrong implementation.

1. A customer has a factory with machines he wants to monitor, and he would love a simple way to look them up on his smartphone. So far so good: technology will make life easier for the factory owner and his engineers.

2. He goes to a big consultancy firm with a lot of experience in network development but little or no knowledge of the industrial/operational side for which the factory needs the network. Let's pause for a bit. The assumptions made here are dangerous and lead to the scenario below; when this step is done right, the following issues may not exist at all. OT, unlike IT, has a far more complicated and much longer lifecycle to manage, with fewer possibilities for patching.

3. The consultant proposes a simple solution based on IP technologies and a long-range, high-gain Wi-Fi network to overcome radio issues in the factory. The technology is fairly standard kit from a major networking vendor with little to no experience in this field. The factory owner figures he knows how his machines work and thinks it's a great idea that this network can reach the I/O controllers and a PLC. With a public IP address he can even control his machines from home or on the road. The consultant confirms this but, for the sake of the sale or for lack of knowledge, isn't open about the risk.

4. A simple I/O router gets installed with a public APN from a carrier. Connecting it to the industrial network seemed less convenient, and the M2M communication manual listed this as a working solution. The I/O router is an older model that was still in stock; it reaches EOL 15 years after release, and we are now at year 7. The communication goes over a 3G band that carriers will stop supporting in 3 years. To someone without any knowledge of operational technology, but with all the IT industry standards in hand, this seems like a fine solution. Yet within this small step there are multiple issues.

Issue 1. The I/O traffic isn't specified. Which hosts talk to which controllers, over which protocol and port, should have been written down before installation.

Issue 2. A public APN means the router is reachable from the whole internet, and the router is an all-in-one machine. The update process should have been specified, and the IP tables (the firewall rules) should have been written before installing it.

Issue 3. This one is obvious to people who work with these technologies: a factory buys machines and devices for at least 10 years, and 30 years isn't uncommon. This router will be the only piece of IT in the installation, but it will be treated like the other technology in there, so you have to build an OT solution, not an IT one.

5. Disaster time. The router communicates normally for a year or two. Some minor attacks and scans hit it, but nothing special. In those two years the router has never been updated. It has been 90 days since a zero-day was discovered; the vendor patched it within a week and put out an update, but since the router was never updated, not even at unboxing, the vulnerability remained. Neither the consultant nor the vendor brought this up with the customer.

6. An outbreak of ransomware hits some factories in China. The news doesn't pick it up quickly. A botnet seems to be spreading the malware; it doesn't spread quickly out of China, and due to the Chinese firewall it seems to be limited to China only. But through exports the botnet and the ransomware leave the country, and then the ransomware spreads rapidly. It's unlike the major attacks we have seen earlier, which exploited Windows vulnerabilities like EternalBlue. This time it has a strong focus on industrial installations. It uses older routers, encrypting the data on the router itself, while it also tries to encrypt data on the PLC and to use the I/O inputs on the machines as well. To some extent the ransomware is successful, and industrial machines take damage.

*This scenario is based on research and experience in the field; however, the exact case is fictional and has no direct relationship to the companies I work or have worked for, or their clients. This piece is written as a what-could-go-wrong scenario. IoT is amazing and offers a lot of possibilities and opportunities; the downside is that it has a lot of pitfalls. I specifically used the example of IP instead of ultra narrowband technology, since this is a general introduction to IoT risks for an IT (security) knowledgeable audience.
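What "specify the I/O traffic" and "write the IP tables before installing" from step 4 look like in practice, as an added example (it is not code from the original article, nor from any vendor or consultancy it describes). The block writes the router's allowed flows down as a short allow list, evaluates constructed sample flows against it with a default DROP, and renders the same list as iptables commands. All addresses, interface names, host roles, and the WireGuard tunnel on wg0/UDP 51820 are assumptions made for illustration; the documentation ranges 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24 are used so that no real network is named.

```python
"""Traffic specification for the scenario's cellular I/O router (added example).

Writes down the only flows the router may carry, checks constructed sample
flows against the list with an implicit final DROP, and renders the list as
iptables commands.  Every address, interface and host role is an assumption.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Tuple

# Assumed layout; the 192.0.2/198.51.100/203.0.113 blocks are documentation ranges.
OT_NET = "10.20.0.0/24"         # factory side of the router (eth0)
ROUTER_LAN = "10.20.0.1"
ROUTER_WAN = "192.0.2.44"       # public address handed out by the carrier APN (ppp0)
PLC = "10.20.0.10"              # the I/O controller nobody outside should reach
ENGINEERING_WS = "10.20.0.50"   # the only host allowed to poll the PLC
DASHBOARD = "10.20.0.20"        # historian/dashboard the owner views from his phone
VPN_PEER = "203.0.113.7"        # company VPN concentrator, the only WAN peer
VPN_CLIENTS = "10.99.0.0/24"    # remote users arrive through the tunnel (wg0)

@dataclass(frozen=True)
class Rule:
    name: str
    chain: str    # INPUT: traffic to the router itself; FORWARD: traffic through it
    iface: str    # ingress interface: ppp0 = cellular/APN, eth0 = factory, wg0 = VPN
    proto: str
    src: str      # CIDR
    dst: str      # CIDR
    dport: int
    action: str

@dataclass(frozen=True)
class Flow:
    iface: str
    proto: str
    src: str
    dst: str
    dport: int

    @property
    def chain(self) -> str:
        return "INPUT" if self.dst in (ROUTER_LAN, ROUTER_WAN) else "FORWARD"

def build_policy() -> List[Rule]:
    """The traffic specification: every flow not listed here is dropped."""
    return [
        # Issue 1: the I/O traffic, written down. Modbus/TCP (502) to the PLC,
        # only from the engineering workstation, only from the factory side.
        Rule("modbus-poll", "FORWARD", "eth0", "tcp", f"{ENGINEERING_WS}/32", f"{PLC}/32", 502, "ACCEPT"),
        # Issue 2: the public APN side accepts exactly one thing, the tunnel
        # handshake from the company concentrator. No web UI, no PLC.
        Rule("vpn-wg", "INPUT", "ppp0", "udp", f"{VPN_PEER}/32", f"{ROUTER_WAN}/32", 51820, "ACCEPT"),
        # The smartphone view goes through the tunnel to the dashboard, never to the PLC.
        Rule("remote-dashboard", "FORWARD", "wg0", "tcp", VPN_CLIENTS, f"{DASHBOARD}/32", 443, "ACCEPT"),
        # Router management only from the factory side.
        Rule("mgmt-lan", "INPUT", "eth0", "tcp", OT_NET, f"{ROUTER_LAN}/32", 443, "ACCEPT"),
    ]

def evaluate(flow: Flow, policy: List[Rule]) -> Tuple[str, str]:
    """First match wins; nothing matching falls through to DROP, exactly as the
    rendered iptables chains below behave. Returns (action, rule name)."""
    src = ipaddress.ip_address(flow.src)
    dst = ipaddress.ip_address(flow.dst)
    for r in policy:
        if (r.chain == flow.chain and r.iface == flow.iface
                and r.proto == flow.proto and r.dport == flow.dport
                and src in ipaddress.ip_network(r.src)
                and dst in ipaddress.ip_network(r.dst)):
            return r.action, r.name
    return "DROP", "default"

def render_iptables(policy: List[Rule]) -> List[str]:
    """The commands to apply at installation time: default DROP first, so
    nothing is exposed while the allow list is being loaded."""
    lines = [
        "iptables -P INPUT DROP",
        "iptables -P FORWARD DROP",
        "iptables -A INPUT -i lo -j ACCEPT",
        "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
        "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for r in policy:
        lines.append(f"iptables -A {r.chain} -i {r.iface} -p {r.proto} -s {r.src} -d {r.dst} "
                     f"--dport {r.dport} -m comment --comment {r.name} -j {r.action}")
    return lines

# Constructed sample flows (not captured traffic): what the router sees in
# steps 4 and 5 of the scenario, plus the legitimate traffic.
SAMPLE_FLOWS = [
    Flow("eth0", "tcp", ENGINEERING_WS, PLC, 502),         # the specified I/O poll
    Flow("ppp0", "tcp", "198.51.100.23", PLC, 502),        # internet scan for Modbus via the APN
    Flow("ppp0", "tcp", "198.51.100.23", ROUTER_WAN, 443), # scan of the router's web UI
    Flow("ppp0", "udp", VPN_PEER, ROUTER_WAN, 51820),      # the concentrator's tunnel handshake
    Flow("wg0", "tcp", "10.99.0.5", DASHBOARD, 443),       # the owner's phone viewing the dashboard
    Flow("wg0", "tcp", "10.99.0.5", PLC, 502),             # the same phone reaching for the PLC
    Flow("eth0", "tcp", "10.20.0.99", PLC, 502),           # an unlisted factory host polling the PLC
]

if __name__ == "__main__":
    policy = build_policy()
    for f in SAMPLE_FLOWS:
        action, name = evaluate(f, policy)
        print(f"{action:6} {name:16} {f.iface:5} {f.proto} {f.src} -> {f.dst}:{f.dport}")
    print("\n".join(render_iptables(policy)))
```

Running it prints a verdict per sample flow and then the ruleset. The point is that only the first, fourth and fifth flows are accepted; the internet scans on the APN side, the unlisted factory host, and even the owner's own VPN-connected phone talking to the PLC directly all fall through to DROP instead of being left to whatever the router's factory defaults allow. Applying the rendered commands needs root on the router and a way to persist them across reboots; that, and the specification itself, belong in the installation documentation before the SIM goes in.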