Zachary Amos, Editor of ReHack Magazine writes about digital twin from the angle of how they impact on cybersecurity, sharing the risks and measures
IoT helps make digital twin technology possible. However, while its usefulness cannot be overstated, its flaws should not be overlooked. Frankly, it has an undesirable impact on cybersecurity. Here’s how it affects digital twin security.
Digital twins pose significant cybersecurity risks
Digital twins are becoming increasingly prominent in the United Kingdom, partly driven by increased connectivity. One report places the country’s IoT market revenue at over $19.63 billion in 2024. While this projection is still far behind the United States’ $342.5 billion market, experts forecast an impressive 9.83% CAGR from 2024 to 2029.
Not to sully such an optimistic market outlook, but the potential for rapid growth is concerning. A surge in adoption suggests decision-makers will proceed with implementation before considering the consequences — and the consequences could be severe.
A digital twin is often a one-to-one replica of an object, system or structure that offers insights into layouts, processes or life cycles. It typically updates in real time or near real time, as IoT sensors continuously exchange data with connected visualisation platforms. In the wrong hands, this level of information could threaten the integrity of all digital assets and systems.
Threat actors could use this information themselves or sell it on the dark web. Either way, it would inform cybercriminals of entry points, weak spots and timelines, enabling them to lie in wait for the perfect opportunity to strike.
In some cases, an adversary could use a digital twin to control its real-world counterpart directly. They could use it as a jumping-off point, disrupting or damaging the physical asset it is modelled after. Cybercriminals who launch a distributed denial-of-service attack or inject ransomware could cause costly unplanned downtime. This affects 82% of businesses, leading to lost revenue.
How IoT contributes to cybersecurity risks
IoT devices are often the weak points in the digital twin ecosystem since they continuously exchange data with connected systems, servers and each other. Information is vulnerable to man-in-the-middle attacks while in transit.
These devices have a constant internet connection, making them highly visible. Threat actors don’t have to be particularly sophisticated to find them, either — they can simply use a search engine like Shodan. It doesn’t crawl and index web pages. Instead, it seeks Internet-connected technologies, many of which have inadequate or misconfigured security mechanisms.
Despite policymakers’ attempts to force manufacturers to assume the responsibility for security, the IoT remains vulnerable. One report shows the number of devices with vulnerabilities grew from 14% in 2023 to 33% in 2024, a 136% year-over-year increase.
Sooner or later, IoT will create an opening for cybercriminals. In addition to expanding the attack surface, it makes entry points into previously inaccessible systems. For instance, organisations cannot fully secure the software-server connection between connected nodes and the original equipment manufacturer’s servers even if they strengthen the on-device defences.
There’s also the issue of vulnerability patching. According to a 2024 report from the UK Department for Science, Innovation and Technology, just 27% of consumer IoT manufacturers surveyed have introduced security update requirements for all their products.
A sophisticated cybercriminal could easily use the IoT to compromise digital twin technology without raising red flags. They could hijack resources and run intensive processes, inadvertently damaging the physical asset. Internal readings would appear normal if they manipulated sensor data, enabling them to avoid detection long enough to carry out their plan.
Managing the IoT’s impact on digital twin security
Fortunately, there are several things digital twin owners can do to secure their IoT technologies and strengthen their cybersecurity posture.
Network segmentation
Placing Internet-connected devices and digital twins on separate, private networks effectively creates a digital barrier, preventing lateral movement and limiting the extent of damage. It may even eliminate network congestion, inadvertently improving performance and reducing latency.
Honeypot
In cybersecurity, a honeypot is a replica system, storage device, server or application that acts as a decoy. It lures threat actors in and traps them, ensuring they can’t damage real assets. It also gives the information security team insights into attackers’ tactics.
Zero Trust architecture
Perimeter security is a thing of the past — there is simply no way to keep out determined cybercriminals. Instead, organisations should prioritise developing a zero-trust architecture, limiting access and restricting privileges. No device or person should be implicitly trusted.
Improving IoT security is an ongoing process
Internet-connected nodes have weak default security mechanisms. Their constant connectivity and continuous data exchanges make them even more vulnerable to cyberthreats. Leaders must diligently monitor and address security concerns.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.