XIoT: The new frontier in cybersecurity

March 15, 2022
XIoT is an umbrella term for connected cyber-physical systems.

Highly connected cyber-physical systems are continuing to become more prominent as digital transformation journeys progress beyond the need created by the hybrid workplace—entering the new paradigm of the Extended Internet of Things (XIoT). 

XIoT is an umbrella term for connected cyber-physical systems, encompassing not only operational technology, industrial control systems (ICS) and industrial IoT (IIoT), but also connected medical devices and other IoT devices within the enterprise, such as elevator and HVAC controls. Many of these assets were not originally designed to be connected to the internet or are riddled with vulnerabilities, yet that’s not stopping their proliferation within industrial, healthcare, and many other types of environments. 

These systems are rapidly connecting—online and to the cloud—not only for security management, but for data analysis, performance tracking and enhancement, and much more.

Likewise, vulnerability researchers are paying greater attention to these sectors as well. Decision-makers need not justify the prioritization of securing the XIoT, as 34% of vulnerabilities disclosed in just the last six months of 2021 were found in software and firmware running within systems not designated as purely OT. 

Managers overseeing converged XIoT environments must consider a range of potential weaknesses and how they can be exploited remotely or locally. The security of third-party partners up and down the supply chain must also be managed; a compromised vendor or supplier with access to sensitive systems could allow attackers entry to cloud-managed systems. 

Multi-tenant hosts are also a risk to cloud-based XIoT systems. An attacker with access to the host system managed by a service provider would theoretically be able to target any of the virtual instances on that host, creating a single point of failure.

This is the risk-management equation in front of XioT operators and owners in 2022, who must weigh the risks of putting OT, IoT, and medical-device management in the cloud against the business and operational benefits of doing so.

According to the latest Biannual ICS Risk & Vulnerability Report from Claroty’s Team82, the current vulnerability landscape further confirms the need to secure beyond OT to the XIoT and will continue to fuel the eventual prioritization of XIoT cybersecurity among decision makers. 

By Chen Fradkin, security researcher at Claroty