Loading
Blog | Management Perspectives
Recent ActivityRecent Activity

Cybersecurity Risks in the Smart Factory: Sources and Solutions

Cyber risks in industrial environments have increased in recent years. By identifying the most common sources leadership can be proactive in mitigating the risk of attack.
Cybersecurity Risks in the Smart Factory
Blog | Management Perspectives
Recent ActivityRecent Activity
Cybersecurity Risks in the Smart Factory: Sources and Solutions
Cyber risks in industrial environments have increased in recent years. By identifying the most common sources leadership can be proactive in mitigating the risk of attack.

Amid the turmoil of recent years, where the manufacturing sector has played a pivotal role in maintaining social and economic stability during a time of unprecedented stress, some opportunistic bad actors have seen a fertile ground for profit.

Ransomware attacks on organizations globally increased by 105% globally in 2021. During this time, manufacturing suffered the brunt of the activity – assuming Financial Services’ position as the ‘most attacked’ industry – as cyber criminals sought to exploit supply chain vulnerabilities and weaknesses exposed by companies undergoing a rapid, though often uneven digital transformation process.

These attacks are unlikely to abate in the immediate future. The costs and barriers of executing a cyber attack, whether seeking to disrupt operations, steal valuable information or extort the company, are so low that the malicious actor need only keep replicating a proven exploit over and over until they are successful. The onus is therefore on manufacturing leaders to elevate their organization’s security threshold to reduce the surface available to cyber attackers.

Sources of Cyber Threats

A typical industrial environment is an attractive target for cyber criminals. The mix of ageing operational equipment with complex, often-untested IT systems can create unforeseen vulnerabilities. By disrupting these environments and stealing important data, the criminal is well positioned to demand ransom or otherwise profit from the impact of their actions. Once successful, the bargaining process is weighed heavily in their favor meaning businesses need to either call their bluff or pay the price for resolution.

There are several areas where these attacks commonly emerge in manufacturing environments.

  • IoT vulnerabilities

Advancements in connected technologies, including machine sensors, robotics, augmented reality, and wearables, are transforming the way manufacturers operate. The promise of an environment where people and machines interact seamlessly based on real-time data will produce immense productivity benefits.

The risks, however, lie in how these technologies are implemented. Inadequate security controls, such as lax passwords and weak authentication, can create opportunities for external actors to access systems, gain control of machinery and steal sensitive data. These actors may remain undetected for days or weeks, giving them ample time to maximize the damage they inflict.

Loading
  • Remote or at-home working security misconfigurations

Necessities around social distancing and restrictions on travel have placed an unforeseen set of burdens on industrial environments. Personnel who may otherwise have been working on site, where their IT usage would have been tightly governed by regular protections and procedures, are now operating from environments where they hold responsibility for the security of their connections and protection of data.

The skills involved in maintaining high security standards and best practices may not yet be second nature to the individual – it only takes small errors, such as connecting to unsecured wifi or leaving equipment containing sensitive data in public locations, to trigger a security event.

  • Phishing attacks

Phishing has remained a primary tool for cyber attackers across sectors. Its simplicity means that attackers need only gain access to company contact details, such as a database of email addresses, to send malicious emails or text messages in the hope that an unwitting employee clicks through.

Where these attacks become particularly worrying is in their growing sophistication. Attackers are increasingly pursuing spear-phishing attacks, where they map out a social graph around key personnel, such as a company CEO or financial executive. Once identified, they then send credible informational requests or links to malicious cloud-based documents, to gain access to important company data or funds.

The fragmented nature of manufacturing organizations makes them particularly vulnerable to phishing attacks. Unsurprisingly, the sector has become the most targeted for criminals employing these sorts of tactics.

Loading
  • Social engineering

Social engineering has long been an effective tactic for criminals, pre-dating many of the digital tools we have today. It involves manipulation-based strategies to get someone to agree to do something they otherwise wouldn’t. Imagine, for example, calling an unsuspecting member of company staff with a compelling reason for why they must send information in their possession right now. In a digital manufacturing environment, these attacks could extend to encouraging machine operators to facilitate access to mission-critical systems, or disrupting supply chain operations by contacting key suppliers under false pretenses.

  • Insider threats

It’s been well documented that the biggest threats an organization faces often come from within. These may be malicious – a disgruntled employee who sees a quick way to profit – or simply a case of human error. The implications can range from loss of funds from fraud through to machine shutdown due to sabotage. While these attacks can be incredibly difficult to foresee, the point to underline is that no system is 100% secure and therefore steps must be taken to remove trust from the equation as much as possible.

Loading

Advice for Executives

Although each of these threats requires specific, individualized containment strategies, there are general guiding principles that manufacturing leaders can use to raise the level of security in their organization.

1. Gain visibility

If you can’t see what’s going on in your IT or production environment, then malicious actors have a cover of darkness in which to steal information or inflict damage. Shine a light on your network by mapping the different endpoints, interactions and data platforms that would be likely to attract interest from cyber criminals. Understanding the different processes, dependencies and access protocols can help to identify where there are loose elements that would be low-hanging fruit for attackers.

2. Bridge the gap between IT and OT

As long as there are disconnects, either technical or process-based, between industrial machinery and IT systems, there will be opportunities for cyber criminals. Modernizing industrial systems to avoid the risk of isolated and outmoded equipment is the preferable method, however it’s not always practical to remodel or replace an entire stack of machines and systems immediately. A phased transition, combined with closer alignment between IT and operational teams, can help to keep the network as secure as possible as part of a larger, longer-term change process.

3. Don’t let lack of skills be your shortcoming

Employees are a critically important part of any security strategy. Many of the risks that can emerge come from the divergence between systems and the skills required to operate and maintain those systems. Keeping employees refreshed on secure processes, habits and best practices will help to mitigate, though never entirely avoid, some of the most egregious cases of human error that can lead to cyber incidents.

In order to revise your organization’s security systems and policies, the most expedient approach often involves addressing the most obvious vulnerabilities first, before you progress to more advanced solutions. To find out where your business may be unnecessarily exposed, you will first need to audit systems and operations and then put in place a plan for organization-wide change. Find out more, here.

Published April 6, 2022

Tags: The Connected Enterprise, Management Perspectives
Gert Thoonen
Regional Business Development Manager Cybersecurity META, Rockwell Automation
Subscribe

Subscribe to Rockwell Automation and receive the latest news, thought leadership and information directly to your inbox.

Subscribe
Recommended for You
Loading