- By Mark Howard
- May 28, 2020
By Mark Howard
Cyber-attacks are a serious concern. While they pose a threat to typical business vulnerabilities, infiltration from a cybercriminal in a manufacturing setting can shut down a plant's operations. This article offers three tips for manufacturers against the rising threat to cyber security.
Cyber-attacks are a serious concern. While they pose a threat to typical business vulnerabilities, infiltration from a cybercriminal in a manufacturing setting can shut down a plant's operations.
Let’s go back to 2013, when hackers struck the manufacturing industry. The entire Internet was pinged by a single operator, which included 3.7 billion connected computers and devices around the world. It was also revealed that around 114,000 manufacturing industrial control systems (ICS) were vulnerable for attack, and that 13,000 were accessible without inputting a single password.
Although this acted as a wakeup call for the manufacturing industry, the tenacity of cybercriminals continues to discover new ways of breaching a company’s defence system. In fact, the Official 2019 Annual Cybercrime Report, predicts that cybercrime will cost companies across the world $6 trillion annually by 2021, with manufacturing quickly becoming a main target.
With that said, how can manufactures combat attacks?
The first stage of implementing a rugged security procedure is to evaluate the understanding of employees. The responsible system owner, whether that is a plant or facility manager, must first assess the weak points of its system — particularly the human element.
Cyber threats are not always directly linked to cybercriminals. Human judgment can result in unintentional errors, leading to vulnerabilities in internal systems. All it takes is one malware-infected device plugged into the network to cause disruption — this doesn’t have to be malicious; it can be accidental.
Although accidents happen, they can be minimized by training employees and implementing procedures for when an attack occurs.
Employees must also understand the importance of patch maintenance and the installation of continuous updates. Cybercrime isn’t a static threat but is ever evolving. Tests need to be carried out as and when vulnerabilities are revealed, or new software is released.
Equipping workers with this knowledge not only provides awareness of the concern surrounding security, but decreases the likelihood of a cyber-attack occurring.
Maintain industrial control
According to figures from Kaspersky Lab's Threat Landscape for Industrial Automation Systems report, almost one in two ICS devices display evidence of attackers attempting malicious activity. In fact, the report added the main method of attack was via the internet — accounting for a quarter of identified threats.
This damning statistic could be the result of hackers seeking out unsecured ports and systems, but not all internet-based attacks target industrial networks specifically. The general set-up of an industrial network leaves it accessible to the internet. This means that, self-propagating campaigns like Vaporworms, recent breed of file-less malware that spreads through vulnerable systems, can easily get in when the network connects.
With these statistics in mind, it is clear manufacturers need to protect their ICS’s. This is particularly pertinent for manufacturers operating smart factories, a digitalized that plant includes countless equipment and devices that are connected to a single network. Vulnerabilities in any of those devices could open the whole system to attack.
By regularly updating operating systems, applying security patches and restricting network traffic on ports, hackers will find it harder to access a company’s ICS.
But, what if hackers do find a way in? Even with the most effective preventative measures in place, cybercriminals will always try to get around them. Usually, it is a matter of when, rather than if.
Current malware protection often relies on signatures to detect malicious code, but this only works on malware that has already been exposed to a threat. Couple this with the relentless hacking techniques of cyber criminals and a new method is needed to detect an attack. Artificial intelligence (AI) with machine learning could be the solution.
Security company, Darktrace uses AI and machine learning to create unique patterns of encryption for each machine and detect abnormalities. When it identifies an emerging threat, the software sends an automatic response and specific AI bots block access to the ICS. By preventing such actions, AI improves the security of interconnected industrial equipment, without the need for human intervention.
The rapid advances of AI are changing cyber security considerations in manufacturing, but some manufacturers are concerned that hackers can manipulate AI to attack systems, rather than protect them. This is, of course, a possibility and provides another example of why cyber security procedures need to continuously adapt and improve.
For manufacturers concerned about cyber security in their facility, EU Automation, can provide reassurance of the security features of the parts it supplies. However, to remain ahead of the hackers, manufacturers need to continuously adapt and improve security practices across their entire facility — from employee to ICS.
Click Here for More Information
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe