Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
Industry 5.0 and the Extended Internet of Things (XIoT): A Historical Context
By The Claroty Team | May 5, 2022
Over more than 300 years, a series of industrial revolutions has transformed the way we live for the better. Each era has been marked by the introduction of mechanization that has accelerated the creation and delivery of goods and services at scale and at lower cost. The journey has required tremendous innovation to fuel an advanced global economy and has made life as we know it possible. However, it has also introduced risk, initially to personal safety, then to networks and systems, and eventually the two merged to introduce cyber-physical risk.
Today, we sit on the cusp of the next industrial age—Industry 5.0, which presents additional opportunities for better business outcomes, but also new, more dangerous risks organizations have never experienced before. Let’s take a brief look back at the historical context of how we got here and what’s required to better protect an ever-expanding ecosystem of connected systems and devices that critical infrastructure, healthcare organizations, and enterprises rely on.
Industry 1.0: The Mechanization of Production
The first industrial revolution emerged in the 1700s, humans began harnessing steam power to dramatically enhance industrial productivity. Mechanization simplified farming, accelerated the manufacture of textiles and clothing, and set the stage for the next era of industrial change with the drilling of the first oil well around 1860.
Industry 2.0: Mass Production
In the late 1800s and early 1900s, innovations such as electricity and assembly line production enabled goods to be produced faster, on a larger scale, and at a lower cost. It was also the era of “planes, trains, and automobiles.” A series of firsts provided a glimpse into a future where mobility was affordable and movement of goods and people across vast distances could happen in a matter of hours. A network of telephone lines across the United States further removed distance barriers, making it possible to communicate instantly.
During these first two periods of industrial revolution, workers’ personal safety was at heightened risk. Machinery and power sources required human intervention to operate and monitor them with few, if any, safety mechanisms in place. In the early 1900s, progress in the form of federal regulations and workers’ compensation to drive improvements in workplace conditions and safety were introduced and accident rates began to fall.
Then came automation along with network connectivity and the nature of risks changed.
Industry 3.0: Industrial Automation
Beginning in the 1970s, developments such as programmable logic controllers (PLCs) and partial automation enabled certain industrial processes to be carried out without human assistance. Industrial control systems (ICS) networks emerged to run the world’s infrastructure, and supervisory control and data acquisition (SCADA) systems helped engineers collect, analyze, and visualize data to optimize operations for efficiency and productivity gains. The advent of the internet and network connectivity introduced a new type of risk to organizations—cyber threats.
Industrial assets have long life cycles, and no modern security controls. However, because operational technology (OT) networks were initially isolated from IT networks, the risk of a targeted cyberattack was negligible. Threat actors were not yet at the stage where they were openly targeting these networks to inflict physical damage. The level of effort by a threat actor was simply too great when there was already ample opportunity to create havoc and reap rewards by targeting IT networks and systems.
Industry 4.0: Cyber-Physical Systems and the Industrial Internet of Things (IIoT)
The fourth industrial revolution puts technology at the forefront, connecting the automated technologies introduced during Industry 3.0 to the broader enterprise IT network, as well as the internet. This digitization of manufacturing—characterized by cyber-physical systems and the Industrial Internet of Things (IIoT)—has been a game changer, giving rise to the “smart factory.” Leveraging artificial intelligence, machine learning, and real-time data, this newfound interconnectivity between factory machinery and the cyber world has enabled the optimization of physical processes, operational resilience, supply chains, and business agility.
Despite its many benefits, Industry 4.0 has exposed industrial assets to cyber risk that they were never designed to be able to combat. As these assets began to connect to IT systems, their unguarded exposure and the potential for significant damage made these networks attractive targets for cyberattacks. It is for this reason that Claroty was founded in 2015.
Adversaries understand the importance of OT networks and during Industry 4.0 began to attack them boldly to wreak havoc. The cyberattacks on the Ukraine power grid in December 2015 and December 2016 were among the first elements of proof of threat actors targeting critical infrastructure. The second wave came with WannaCry and subsequently NotPetya, which was devised to spread quickly and indiscriminately. The widespread, collateral damage to OT networks and disruption to operations revealed to security professionals just how poor the cyber risk posture of their OT networks was and prompted swift actions in many of the largest companies.
Since the onset of the COVID-19 pandemic, the acceleration of digital transformation and remote access across all critical infrastructure sectors has compressed years of industrial change into months. A “newer” wave of attacks that take advantage of cyber-physical integration and a proliferation of connected devices is different in severity and priority because they put lives and livelihoods at risk. While attacks on IT networks and data breaches that began decades earlier are very costly and have other financial implications, they don’t threaten the physical world we live in and the systems we depend on, as do attacks against hospitals, oil pipelines, and other types of critical infrastructure. The 2021 incidents involving Colonial Pipeline, JBS Foods, the Oldsmar, Florida water supply (just to name a few) brought this into sharp focus.
Although organizations cannot prevent bad actors from targeting them, they can make it harder for these actors to achieve their mission and thus move on to easier targets. For years, The Claroty Platform has been helping organizations identify, manage, and protect their OT assets and a range of connected devices.
Industry 5.0: The Extended Internet of Things (XIoT)
We now sit at the brink of the fifth industrial revolution, which will build upon the inter-machine connectivity of Industry 4.0 by enhancing human-machine interaction. Industry 5.0 recognizes that human creativity and critical thinking cannot be replicated by machines. As such, ongoing innovation strives to optimize processes by delegating repetitive or predictable tasks to automation while also integrating human operators into production processes.
In this new industrial revolution, the IT-OT convergence that began under Industry 4.0 continues to grow in terms of scope and intensity to form the Extended Internet of Things (XIoT), which holistically refers to the increasingly complex and varied set of connected devices within enterprise networks, including the following asset categories:
Industrial IoT (IIoT) and operational technology (OT) assets, which handle all cyber-physical processes and equipment, such as the programmable logic controllers (PLCs) that support critical processes in industrial environments. These systems are connected internally to workstations that can typically be accessed remotely for maintenance; other cyber components include IIoT devices such as smart sensors. The 16 critical infrastructure sectors as defined by CISA—from manufacturing to energy to transportation—rely on these interconnected processes and systems.
Healthcare IoT assets, including medical imaging equipment such as MRI machines and CT scanners, as well as internet of medical things (IoMT) devices such as smart vitals monitors and infusion pumps that support critical care delivery in healthcare environments. These systems are usually connected to an organization’s IT networks.
All other IoT devices used in smart cities, smart grids, enterprise IoT environments, building management systems (BMS), and any kind of “smart” technology assets.
Industry 5.0 steps up to deliver additional top-line and bottom-line benefits modern enterprises are prioritizing, including sustainability, better customer experiences, and greater profitability. At the same time, the extensiveness of convergence and expanding ecosystem of devices, makes the implementation of strong network segmentation and a strong cybersecurity program that covers all network assets fundamental for modern enterprises.
Think about the following scenarios that have already occurred:
A ransomware attack on a hospital may have led to the death of a baby, since healthcare workers didn’t have access to medical equipment and devices they usually rely on to monitor birth progress.
Threat actors infiltrated a high-tech breakroom vending machine with unfettered access to an OT network worth billions of dollars, to propagate malware across multiple sites.
Vulnerabilities in a wi-fi module used in embedded devices for industries like agriculture, automotive, energy, gaming, industrial, and security allowed threat actors in the proximity of the module to bypass the wi-fi network password and completely take over the device.
At Claroty, we are building a future where cyber and physical worlds safely connect to support our lives, covering all types of connected assets that comprise the XIoT. Learn more about how we are advancing our mission to help organizations position themselves to participate in Industry 5.0 and unlock better business outcomes while building resilience to defend against evolving cyber threats.