The Internet of Things (IoT) and the connected kitchen have become the holy grail for commercial kitchen equipment manufacturers and their major clients. This has been preceded over the past decade by individual items of equipment, firstly being capable of being remotely programmed, and then being monitored by a manufacturer's service team to ensure optimum performance.
These equipment systems use sensors and devices in each piece of equipment that enable them to be linked and programmed to function effectively, but at the same time they expose a potential vulnerability to malware attack.
The rate of cybersecurity threats to IoT systems has risen fourfold in the past year (Zscaler report). The actual use of IoT systems, including new adoptions and added connected devices, has grown at a rate of 18% since 2022, but in the same period malware attacks have grown by more than 400%. Over half of these system vulnerabilities have been denial of service (DDoS) attacks on Wi-Fi routers, computers and IoT systems, and 85% of these attacks have taken advantage of vulnerabilities in targeted devices that have existed for three years or more: in other words, the programmable oven or dishwasher that was installed over three years ago.
Manufacturers globally experience 6,000 attacks per week on their IoT systems, with the router being the most vulnerable point of entry. These vulnerabilities will often be “shadow devices” that are not identified in the corporate IT system, which either does not know that they exist on its network or has extended them too much implicit trust.
A serious mistake is to believe that an IoT device such as a combi oven is not a valuable target and therefore not a security risk. Any unsanctioned device that needs internet access, such as a combi oven, dishwasher etc., is a risk entry point which needs at least to go through traffic inspection and be blocked from the corporate data via a proxy.
Having isolated the connected kitchen IoT system from the client's corporate system, it is not enough to rely on the encryption of the data flow between equipment to protect the connected kitchen system. Kitchen devices may not store sensitive information such as personal or financial data, but they can be used as entry points into a network or as part of botnets for larger attacks. While equipment manufacturers may incorporate some level of security features, these may not always be sufficient to protect against sophisticated attacks. Users should not rely solely on the default settings, which are often generic and therefore vulnerable.
The approach to establishing the connected kitchen, or even a single piece of equipment that requires an internet connection, has to be based on Zero Trust principles (John Kindervag: Forrester Research Inc.). This means ‘trust no-one and no device, inspect and verify every connection’. IoT managers therefore have to embrace a multi-layered security approach to ensure a resilient IoT ecosystem, in order to identify vulnerabilities before they become a problem.
The weakness in the professional foodservice facility ecosystem is to buy, install and forget; very occasionally, to service and maintain; and otherwise just to use it until it breaks down. Even those users that diligently maintain their equipment are in the hands of manufacturers who still struggle to agree on a standard protocol for appliance interconnectivity, let alone standardised security measures between them.
The weak point in internet security in the professional kitchen will be the legacy systems of early adopters of the ‘new’ internet-connected equipment, which was designed with little recognition of the potential for IT vulnerability. The combi oven may have originally been connected to the internet, and although the programmable feature is no longer being used, it is still connected. The software and old protocols in these legacy systems offer weak protection against attacks: providing a back door entry!
The AI equation
To magnify the level of risk, although AI-powered technologies can be used to proactively mitigate potential threats, AI capabilities will also empower threat actors to identify targets and vulnerabilities, automate attacks and evade traditional security measures. As a consequence, expect that industry standards and regulation will make the manufacturers of equipment accountable for the IoT security of their products.
When considering any new equipment item that is either individually internet-connected or part of a connected kitchen system, the designer and their client must be aware of the need to ensure that the firmware and software of each item is included in the corporate IT security strategy, and to ensure that existing equipment is audited for threat potential. This may not be confined to preparation, cooking and service equipment, but also extends to menu and stock management, POS software systems and HACCP traceability systems that rely on an internet connection to function effectively.
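One way to turn the points above into a routine check is a small audit over the equipment inventory and the kitchen segment's traffic records: the isolation and proxy-only egress described for combi ovens and dishwashers, the legacy (three-year-old firmware) and still-connected-but-unused appliances, and the audit of existing equipment. The Python script below is an added example and is not part of this article or any manufacturer's tooling. The network ranges, the proxy address, the appliance names, the firmware dates and the flow records are all constructed assumptions for the illustration; a real deployment would read them from the asset register and from the firewall or proxy logs.

```python
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network

# Assumed network layout (constructed for this example): kitchen appliances live
# only in the IoT segment, and the only sanctioned way out of it is the
# inspection proxy. Anything else is a policy violation.
KITCHEN_IOT_NET = ip_network("10.20.0.0/24")
CORPORATE_NET = ip_network("10.10.0.0/24")
PROXY_IP = ip_address("10.20.0.254")
MAX_FIRMWARE_AGE_YEARS = 3  # threshold taken from the "three years or more" figure


@dataclass
class Appliance:
    name: str
    ip: str
    firmware_date: date        # date of the last firmware update
    programmable_in_use: bool  # is the remote-programming feature still used?
    connected: bool            # does it still have a live network connection?


@dataclass
class Flow:
    src: str
    dst: str
    dst_port: int


def legacy_appliances(inventory, today):
    """Connected appliances whose firmware is older than the age threshold."""
    findings = []
    for a in inventory:
        age_days = (today - a.firmware_date).days
        if a.connected and age_days > MAX_FIRMWARE_AGE_YEARS * 365:
            findings.append((a.name, age_days // 365))
    return findings


def idle_but_connected(inventory):
    """Appliances still on the network although the connected feature is unused."""
    return [a.name for a in inventory if a.connected and not a.programmable_in_use]


def misplaced_appliances(inventory):
    """Appliances plugged in outside the IoT segment (e.g. on the corporate LAN)."""
    return [a.name for a in inventory
            if a.connected and ip_address(a.ip) not in KITCHEN_IOT_NET]


def proxy_bypass_flows(inventory, flows):
    """Appliance traffic that leaves the IoT segment without going through the
    proxy, or that reaches the corporate segment directly."""
    appliance_by_ip = {ip_address(a.ip): a.name for a in inventory}
    findings = []
    for f in flows:
        src, dst = ip_address(f.src), ip_address(f.dst)
        if src not in appliance_by_ip:
            continue  # not an appliance; out of scope for this check
        if dst == PROXY_IP:
            continue  # the one sanctioned egress path
        if dst in CORPORATE_NET or dst not in KITCHEN_IOT_NET:
            findings.append((appliance_by_ip[src], f.dst, f.dst_port))
    return findings


def audit(inventory, flows, today):
    """Run every check and return the findings keyed by check name."""
    return {
        "legacy_firmware": legacy_appliances(inventory, today),
        "idle_but_connected": idle_but_connected(inventory),
        "outside_iot_segment": misplaced_appliances(inventory),
        "proxy_bypass": proxy_bypass_flows(inventory, flows),
    }


# Constructed sample inventory and flow records (not real devices or traffic).
SAMPLE_INVENTORY = [
    Appliance("combi-oven-1", "10.20.0.11", date(2019, 6, 1), False, True),
    Appliance("dishwasher-1", "10.20.0.12", date(2024, 3, 15), True, True),
    Appliance("combi-oven-2", "10.20.0.13", date(2021, 9, 1), True, True),
    Appliance("blast-chiller-1", "10.10.0.40", date(2024, 1, 10), True, True),
]
SAMPLE_FLOWS = [
    Flow("10.20.0.11", "10.20.0.254", 8080),  # via proxy: sanctioned
    Flow("10.20.0.11", "203.0.113.10", 443),  # direct to internet: bypass
    Flow("10.10.0.40", "10.10.0.5", 445),     # appliance reaching corporate server
    Flow("10.20.0.12", "10.20.0.13", 80),     # intra-segment: not flagged here
    Flow("10.10.0.99", "203.0.113.10", 443),  # not an appliance: ignored
]
SAMPLE_TODAY = date(2025, 1, 15)

if __name__ == "__main__":
    for check, hits in audit(SAMPLE_INVENTORY, SAMPLE_FLOWS, SAMPLE_TODAY).items():
        print(f"{check}: {hits}")
```

Each check answers one of the questions a consultant would put to the client: which appliances are running firmware old enough to fall in the 85% bracket, which are connected for no operational reason, which have ended up on the corporate network, and which are talking past the proxy. The intra-segment flow is deliberately not flagged, since lateral traffic between appliances is a separate policy decision.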
The takeaway from this is that consultants and designers have to be aware of the need to inform their clients of the potential for IT security threats from new integrated kitchen equipment or individual systems, as part of their duty to do no harm. In selecting equipment and systems for projects, ensure that the manufacturers of the equipment being used have considered the potential vulnerabilities in the design of their equipment and systems. Ask the question: do they work on a “Zero Trust architecture and operate at least on the principle of ‘trust no-one and no device, inspect and verify every connection’, so that the operator/client can be prepared to disrupt attacks at any stage if threat actors exploit a connected device” (Deepen Desai, global CISO, Zscaler)? It is also for consultants and specified suppliers to consider cybersecurity as a potential legal risk if due consideration is not given.
Tim Smallwood FFCSI