Advantech Integrates Azure, Enabling Enterprises to Address IoT Security Threats with One-stop IT/OT Security and Protection Services
Advantech is placing its DeviceOn industrial control software platform at the core of its one-stop information and security protection solution. This solution integrates IT and OT, as well as Microsoft Azure, McAfee, and Acronis software — products that Advantech serves as an agent for. These four attributes enable this solution to help enterprises address IoT attacks.
Surveys indicate that up to 90% of connected devices have no security or protection in 2021. Analogously, equipment vital to an enterprise’s existence has the highest attack incidence rate, and remains particularly vulnerable. Such an attack could halt business operations and, in the worst-case scenario, effect upstream and downstream supply chains. One notable recent example is the May 2021 Colonial Pipeline Ransomware Attack which shut down Americas largest oil pipeline. This incident, orchestrated by malicious actors, had a drastic effect on the supply of oil products on the US Eastern Seaboard. Consequently, the attack pushed the Federal Motor Carrier Safety Administration (FMCSA) to declare a State of Emergency in 18 states. Indeed, the FMCSA adopted unique measures, and scrambled to transport fuel using highways in order alleviate the shortage. This incident evidences the security concerns associated with attacks on operating systems and their impact on enterprises and industry.
Operating Equipment Falls Victim to Malicious Attacks
The U.S. is not the only country to suffer serious security attacks aimed at IoT. In 2020, Taiwan’s largest petroleum product supplier suffered an attack that rendered its electronic payment system unusable. Similar attacks affected operations at a major computer memory packaging and testing company, a PCB manufacturer, and a market-leading GPS system vendor. These cases demonstrate that information security threats span both information technology (IT) and operating technology (OT) domains. Indeed, vulnerabilities in IoT devices and equipment, as well as external network environments leave many enterprises susceptible.
Rison Yeh, Advantech’s Senior Product Manager of the Embedded-IoT Group posits that three factors influence a malicious actor’s decision to target enterprise IoT devices and production/power equipment. First, ransomware has developed into an ecological chain that enables perpetrators to access the software needed for an attack. Second, enterprises are willing to compromise and pay the ransoms in exchange for a return to normal equipment operation as this mitigates the costs of production line stoppages. Third and finally, greater numbers of companies are connecting equipment to the internet in an attempt to improve competitiveness with automation and smart manufacturing.
These companies fail to install security and protection programs on their devices for myriad reasons, enabling ransomware to move laterally across equipment. Often, by the time an enterprise identifies an attack; the ransomware has locked and encrypted their devices.
Rison Yeh added, “Advantech integrated WISE-DeviceOn with products and services from our partners — including Microsoft 365 Defender, Azure Defender for IoT, McAfee, and Acronis — in an effort to help enterprises defend their operating equipment and IoT devices against security threats. Indeed, WISE-DeviceOn offers a one-stop, comprehensive IT/OT total security solution. This enables us to help enterprises prevent, monitor, detect, and isolate hazardous and malicious ransomware decisively in real-time. We can also promptly recover encrypted files and systems as part of our security and protection.
Advantech Safeguards Enterprise IT and OT with Four Steps!
“Our goal is to build an IT and OT security and protection mechanism from the edge to the cloud. We will reference the Purdue model and follow ISA 99/IEC 62443 recommendations to undertake corresponding network security control measures.” stated Lai Si-yu, Product Manager, Advantech’s Embedded-IoT Group. After infiltrating a company’s intranet via a vulnerability in their external network, ransomware can easily move laterally. This makes simultaneously enhancing enterprise IT and OT security and protection capabilities crucial. Doing so requires following four steps.
First, we need to separate IT and OT network architectures and firewalls. Second, we need to conduct detection and monitoring for IT and OT devices and equipment. This includes using Microsoft 365 defender to realize Safe Links, Safe Attachment, and anti-phishing protection. Similarly, Azure Defender enables us to use IoT’s highly visualized operating equipment to connect to topography, analyze packet data, and implement safety checks. Likewise, we can conduct identification management for operating equipment and prevent ransomware attacks with DeviceOn Edge Security. Analogously, DeviceOn for Azure enables us to conduct safety management for edge devices and equipment, and compile monitored data from IT and OT. Third, in the event of a breach, we can still back up and recover our system via Acronis’ integrated batching. Finally, we can also use McAfee’s whitelist antivirus software to ensure that abnormal and unauthorized apps or services will not run on the equipment to guard against zero-day attacks.
Take the following case for example. Advantech helped a semiconductor packaging and testing company shorten the maintenance and backup/recovery times for disparate edge operating equipment from one week to less than one day. Likewise, they eradicated USB infection issues caused by manual operation. Advantech also helped an OEM company increase the visibility of its IoT devices and production machines using Azure Defender for IoT. Meanwhile, the ability to monitor equipment operating statuses remotely and the backup/recovery mechanism reduces management and maintenance times by up to 90%.
“You can still conduct out of band management via the iBMC chip in your operating equipment or Intel iAMT (vPro) — even when hit with a ransomware attack. Likewise, you can still activate system recovery remotely even if you are unable to boot your system after a ransomware attack. This helps reduce the embarrassment of having production lines shut down for an extended periods of time”, added Rison Yeh. He also predicts that iBMC will play a key role in improving response speeds in such attacks
Advantech will continue to optimize its service capacity using three approaches in an effort to deliver IoT security and protection services, in sync with the latest development, to its corporate customers. First, Advantech will call on its partners in the Azure IoT CSP (Cloud Service Providers) ecosystem to jointly provide security and protection solutions that meet the needs of different industries. Second Advantech will augment transmission security and protection capabilities. Third and finally, Advantech will continue to enhance its safety governance capabilities in an effort to demonstrate its security and protection capacity.
Advantech and its CSP partners will continue working with business partners to co-create business ecosystems that accelerate industrial intelligence. Advantech provides Azure IoT CSP partners with a variety of services and marketing resources, and help them develop smart manufacturing solutions. Advantech does so by leveraging ecosystem resources through the mutual assistance and resource sharing of IT and OT partners in various vertical markets.