By Renaud Deraison, Co-founder and CTO, Tenable
Lateral attacks that gain a foothold in IT and spread to operational technology (OT) networks have been a well-documented concern over the past 24 months. However, heading into 2020, we will see the emergence of OT-to-IT attacks. These attacks will capitalise on the rapid convergence of IT and OT by targeting vulnerable OT environments as a path of least resistance to IT data repositories. For example, we can expect attacks that intentionally compromise industrial control systems (ICS) in order to gain access to IT networks and assets, like customer databases.
We should also expect to see attackers targeting OT infrastructures such as branch or remote locations at large organisations. Typically, smaller sites are connected to the larger OT network and, in the case of energy providers, to regional grids. As a result, a compromise at a remote site or even a small energy provider could have cascading impacts if an attack is able to spread.
Moving into 2020, 5G networks will continue to be rolled out in cities across the globe, with devices designed to take advantage of this technology. This will create more disruption for the enterprise, which will have even more difficulty identifying which devices are out there listening to and observing employees, whether a rogue 5G security camera or a smart speaker.
With 5G networks will come the advent of 5G-only IoT and IIoT devices, which do not require connecting to the local network to operate. This will diminish the risk of an IoT device being used as an attack vector against the rest of the network. But it will create more disruption for enterprises that already struggle to determine which equipment they have in their digital infrastructure. When their elevators, HVAC, CCTVs and smart speakers start connecting directly to the cloud via 5G, it won’t get any easier.
We have already seen MITM attacks that allow an attacker to perform device fingerprinting, battery draining and downgrading attacks. Moving forward, we anticipate an increase in the discovery of new attack vectors as 5G becomes operational worldwide and implementation issues are exposed by researchers.
As devices evolve to capitalise on the latest generation of mobile wireless systems, it’s even more important that the security of the device itself be considered.