Hacked without knowing it

Engineering and IT Insight: Cyber-criminals are stealing manufacturing companies’ intellectual property (IP). Is your lack of cyber security hardware, software, and best practices giving away millions of dollars of IP to unknown competitors without your knowledge?

05/21/2013


It is hard not to be afraid, maybe very afraid. Recent news articles and security analyst reports have listed the types of attacks and illicit information gathering directed against manufacturing companies, and they are not what you may expect. Much of the current press announcements are about stealing credit card information, social media account passwords, and social security numbers, but cyber-criminals are after something much more valuable in manufacturing companies—their intellectual property (IP). While national security agencies are pushing companies to harden critical infrastructure against disruptions from cyber terrorists, there is less attention given to protecting the intellectual property that manufacturing companies have spent millions of dollars to develop.

Advanced persistent threat

Companies compromised by directed attacks, usually called advanced persistent threats (APTs), have included those in the aerospace, energy, transportation, pharmaceutical, biotechnology, engineering services, high-tech electronics, chemicals, food and agriculture, and metals industries. Information stolen has included product development data, test results, system designs, product manuals, parts lists, simulation technologies, manufacturing procedures, descriptions of proprietary processes, standard operating procedures, and waste management processes. This is information that can be used to replicate production facilities. Many companies think this information has little value outside their company, but if they have global competition and the competition can replicate products and processes at a fraction of the cost, there will be damages.

Most of your competitors will not resort to using illicitly acquired information, but if your competition is based in a country with limited intellectual property rights, or even in a country actively stealing manufacturing IP, then you are at risk. If you are at risk, you may have already been hacked and not even know it. Intellectual property theft is done in a stealth mode. There is a saying among cyber security experts that there are only two types of companies: those that have been hacked, and those that don’t yet know they have been hacked.

Once an APT has established access, the thief will periodically revisit the victim’s network over several months or years and steal technology blueprints, proprietary manufacturing processes, recipes, SOPs, and test results. APTs have been known to maintain access for several years and steal gigabytes of data before they were eventually detected.

If you don’t want an unscrupulous competitor to use your SOPs, production processes, product definitions, and recipes, then it is up to you to ensure that your IT department is protecting your manufacturing IP. The IT department is probably already protecting its financial and personnel records, but it may not realize the value of your manufacturing IP.

With physical security, a company can reduce your risk by operating in safe neighborhoods, alarming all of your windows and doors, and hiring security guards. Unfortunately, with cyber security there are no safe neighborhoods. The Internet has put cyber-criminals only one click away from your doorstep, so we are all in the same electronic neighborhood. There is no equivalent for the neighborhood beat cop who looks for suspicious behavior and checks that doors and windows are closed and locked. In the electronic neighborhood you have to protect yourself. This means that companies need to install firewalls for protection to the outside, and firewalls and account protections within the corporate network. Interior firewalls provide the same level of protection as locked interior doors and filing cabinets inside locked buildings. You don’t want to make a cyber-criminals’ jobs easier by giving them unrestricted access once they are inside the corporate network. Don’t believe that a single firewall will protect all of the internal systems; install firewalls and security access between business systems and manufacturing systems.

Access points

With physical security, windows and doors are the ways in and out. With cyber security, the ways in and out can be different. Many attacks are introduced through infected USB drives and email, but report back through Internet communications. IT departments should have procedures in place to monitor all outbound Internet traffic for suspicious and atypical behavior. For example, there may be a burst of communications to overseas servers from a manufacturing server at the same time every day, or a set of port scans coming from a server that should be running only document management services. These are indications of a compromised system. Maybe you cannot always keep the bad guys out, but you can recognize when you have been hacked and you can keep them from phoning home.

With physical security, companies can employ security services to monitor alarms and provide guards to look for suspicious activity. If your manufacturing IP has value and would put you at a corporate disadvantage if stolen, then you need to employ active measures to maintain security. These can be accomplished through port scans, checks of actual installed vs. approved programs and libraries, checks of actual vs. approved accounts, and checks of actual vs. approved scheduled tasks. These checks need to be scheduled so they don’t disrupt production systems. Fortunately, someone stealing intellectual property does not want you to shut down production. The thief wants to get your information without you knowing, so many thefts are not from production systems but from the secondary support system, such as document servers, design systems, and backup systems. This means the IT department can usually be very aggressive in checking support systems without impacting production systems.

Making your own safe neighborhood, locking and protecting your assets, and employing active measures to check for security breaches are the main tools for protecting your manufacturing intellectual property. There are bad guys out there, and they want to break in. You should work with your IT department to make sure you can keep the bad guys away from your manufacturing IP.

- Dennis Brandl is president of BR&L Consulting in Cary, N.C., www.brlconsulting.com. His firm focuses on manufacturing IT. Contact him at dbrandl@brlconsulting.com. Edited by Mark T. Hoske, content manager, CFE Media, Control Engineering and Plant Engineering, mhoske@cfemedia.com.

ONLINE extra

This posted version contains more information than the print / digital edition issue of Control Engineering.

At www.controleng.com, search cyber security for more on related topics.

See other articles for 2013 at www.controleng.com/archive.

See other security and safety articles



STANLEY , AZ, United States, 05/23/13 07:46 PM:

Dennis in the above article has highlighted some threats from cyber terrorists, and stealing of company secrets. Another threat is from the Stuxnet worm and its partner Dukel worm that may take control over systems, after stealing control information from Programmable Logic Controlers(PLC). This has compromised a prison, by social engineering, and deployment of the Stuxnet worm that oppened prison cells. Other dangers may be nuclear plants, oil refineries, or other critical industries. Consider the threat that governments pose in stealing company secrets from government contractors, the military, and other businesses that provides for virtual warfare! These issues are tackled by New Millennium Software Engineering, including combatting compromising PLCs.
STANLEY , AZ, United States, 05/23/13 08:06 PM:

Dennis has emphasized some threats to companies. Further threats are the Stuxnet, and corresponding Dukel worm that latter gathers information about Programmable Logic Controllers (PLCs) to provide the Stuxnet worm with control access to systems, for example the prison cell doors were opened after some social engineering through email on the control system network. Other governments, have hacked government contractors with compromised RSA pass codes. Control systems for nuclear plants, or oil refineries maybe be accesses to take control over systems. We have entered a virtual war era. These issues as how to combat the Stuxnet, and Dukel worms by removing vulnerability to their contamination.
STANLEY , AZ, United States, 05/24/13 05:36 PM:

Dennis has emphasized some threats to companies. Further threats are the Stuxnet, and corresponding Dukel worm that latter gathers information about Programmable Logic Controllers (PLCs) to provide the Stuxnet worm with control access to systems, for example the prison cell doors were opened after some social engineering through email on the control system network. Other governments, have hacked government contractors with compromised RSA pass codes. Control systems for nuclear plants, or oil refineries maybe be accesses to take control over systems. We have entered a virtual war era. These issues as how to combat the Stuxnet, and Dukel worms by removing vulnerability to their contamination.
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Hannover Messe 2016: Taking hold of the future - Partner Country status spotlights U.S. manufacturing; Honoring manufacturing excellence: The 2015 Product of the Year Winners
Inside IIoT: How technology, strategy can improve your operation; Dry media or web scrubber?; Six steps to design a PM program
World-class manufacturing: A recipe for success: Finding the right mix for a salad dressing line; 2015 Salary Survey: Manufacturing slump dims enthusiasm
Getting to the bottom of subsea repairs: Older pipelines need more attention, and operators need a repair strategy; OTC preview; Offshore production difficult - and crucial
Digital oilfields: Integrated HMI/SCADA systems enable smarter data acquisition; Real-world impact of simulation; Electric actuator technology prospers in production fields
Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Warehouse winter comfort: The HTHV solution; Cooling with natural gas; Plastics industry booming
Managing automation upgrades, retrofits; Making technical, business sense; Ensuring network cyber security
Designing generator systems; Using online commissioning tools; Selective coordination best practices

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role that compressed air plays in manufacturing plants.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
click me