Protecting manufacturing from cyber breaches

Protecting manufacturing from cyber breaches
(Image credit: Pixabay)

Manufacturing has been revolutionized by the development of increasingly sophisticated and connected operational technology (OT). Internet of Things (IoT) devices and sensors, in combination with industrial control systems (ICSs) and Supervisory Control and Data Acquisition (SCADA) environments, are allowing businesses to peer deep into their processes and leverage data to increase efficiency, develop new services and create additional value. The advent of 5G will make the ability to connect machinery and stream real-time data an option even for the hardest to reach places on the factory floor, adding to existing systems such as CMMS software for maintenance and ERP software for inventory and dispatch.

About the author

Paul Robinson, Chief Technology Advisor, WWT.

This is the foundation of Industry 4.0: the integration of IT and OT to create a truly digital factory. By connecting ICSs to the network, businesses are unlocking new levels of agility, insight through analytics, and data-driven automation that were previously unimaginable.

But as with any integration, there are always going to be teething problems. The crucial bump in the road towards Industry 4.0 is cybersecurity. OT systems have rarely been subject to the same upgrade and replacement cycles as their IT systems and connecting OT to the wider network brings with it all of the security risks to which IT has been beholden for decades. 

Connected threats

Many of these systems are being connected to the outside world for the first time, launching potentially unprepared and insecure networks and devices into an incredibly hostile and sophisticated threat landscape, and plugging these vulnerable networks straight into the business’ wider systems, causing problems for IT infrastructure management.

Industrial leaders need to be aware of the risks posed by these increasingly connected environments and plan accordingly. But this amounts to a significant change in mindset. In the past, endpoint security hasn’t been a major priority for stakeholders in OT. Vulnerabilities of ICS and SCADA systems were relatively limited and regarded as more hypothetical than real. 

But this is no longer the case. Linking OT to IT exposes the digital factory to significant risks, as a series of recent high-profile manufacturing breaches has made clear.

Real-world risks

The NotPetya attack in 2017, spread originally through IT systems via phishing emails and hijacked software updates, wreaked havoc on industrial systems and caused a global meltdown resulting in more than $10 billion in damage. Nordic shipping company A.P. Møller-Maersk found its entire global network brought to a standstill, leading to damage costing the business between $250 million and $300 million. 

WannaCry, a precursor to NotPetya, has also caused significant damage in manufacturing environments. Renault-Nissan reported disruption at five of its plants, where infected IT systems had to be unplugged from the network to prevent their spread, leading to costly delays.

This destruction is not limited to the headline-grabbing malware. In Germany, a cyberattack on a steel mill led to the locking of its IT systems and significant physical damage. Control systems were so compromised that a blast furnace could not be properly shut down, resulting in destruction of equipment.

These breaches all stem from a threat in IT spilling over into the OT environment, with often disastrous consequences. But the threats run both ways, and OT systems pose their own risks for IT. A study by Fortinet has found that in the past year alone, nearly six in ten organisations using SCADA or ICS systems have experienced a breach. Now they are most closely connected to IT, any infection to OT could compromise the entire business’ infrastructure. 

It’s not only ICS and SCADA systems themselves which are vulnerable. IoT devices, which have become so prevalent on the factory floor in recent years, are often not given the same security treatment as traditional devices like mobiles and desktop computers – even though they are equally viable entry points for attackers. The proliferation of 5G-connected IoT sensors means a radical expansion of the potential attack surface for manufacturers.

Security Starts With Visibility

To secure this new source of vulnerability, and protect themselves from attacks, manufacturers must first understand what assets are connected to the network and the dependencies and traffic flows of OT system through business applications. This will give the required initial insight to allow for OT cybersecurity to create a plan to improve security posture within the OT environments.

In other words, as threats to IT and OT systems become more sophisticated and prevalent in the coming years, comprehensive, consistent security practices will be paramount in securing manufacturing operations.

Paul Robinson

Paul Robinson is the Chief Technology Advisor(EMEA) at World Wide Technology. He is a leader in strategy and innovation specializing in business and technology transformations. With over fifteen years of consulting experience across the Pharmaceutical / Life Sciences, Financial Services and Government sectors, his focus is on becoming a trusted advisor to IT Executives leading them through the strategic and business application of technology.