Protecting the production line in the Industrie 4.0, IIoT age
Manufacturing has recently undergone several evolutions, each with the aim of optimizing production processes and increasing agility to meet customer demands, while also reducing production costs. Today, most manufacturers seek to reduce the overhead in stock and costs associated with it, with production planning therefore adjusted to ensure timeliness.
This can be achieved by making factories smarter, via the use of Industrial Internet of Things (IIoT) devices. Such technologies are helping plants collect and analyze data to create insights that help the production line operate more efficiently. What were previously production “islands” operating independently based on weekly production schedules have become interconnected networks of systems that communicate for the business benefit.
The steady growth of Industrie 4.0 is leading to more connected devices and sensors being deployed into manufacturing environments. However, this new openness of the factories is also introducing new risks. A commonly repeated phrase in the information technology (IT) world is if a system is visible to the Internet it is only a matter of time until it will be targeted or affected by security incidents.
The world of operational technology (OT) is taking too long to learn the lessons about security risks that colleagues in IT discovered the hard way. Rather than being seen as a fundamental part of modern OT infrastructure and essential to reaping the benefits of Industrie 4.0, cybersecurity is still either regarded as a grudge purchase, or not considered at all.
Difficulties in securing manufacturing
This is not entirely surprising. Industrial environments are complex by nature and a large proportion of the unmitigated risks come from the fact that machines designed to be deployed in closed networks are now being connected to the cloud via IIoT devices. In many factories that are being retrofitted with real-time remote sensing and analytics, not enough attention is being paid to protecting systems which don’t include basic security features, and therefore may be exposed to attack.
Even when manufacturers are diligent, however, there’s an inherent difficulty in securing non-homogenous environments like the typical factory floor. Where different systems and devices are added over time, it’s easy to make mistakes in configuration that can leave back doors open to hackers. The challenge now is to improve standards within the manufacturing sector, and ensure best practices are adhered to.
Just as an unpatched web server in the IT world is vulnerable to a low-cost automated attack, we are beginning to approach the same inflection point for OT. There have been few substantiated reports of major attacks to date when compared with breaches in corporate data, but that doesn’t mean they aren’t already happening. Indeed, the lack of major headlines compared to consumer and corporate data breaches feeds the complacency around the issue. Yet, as we saw in IT, firms are likely ignorant their OT networks have been breached, since there’s a general lack of monitoring.
The risk is security breaches in manufacturing environments don’t just give attackers access to data. Production stoppages could be financially devastating, and some attacks – including one on a German steel mill in 2014 in which attackers gained access to the control system for a blast furnace – have demonstrated that when control systems are infiltrated it’s possible to cause serious physical damage and put human lives at risk.
Protecting the production line requires a change in the way technology is deployed in manufacturing to reflect the reality of Industrie 4.0 and the risk it generates. Administrators can no longer be complacent; the drive to deliver efficiencies and real-time analytics using cloud-based technologies means OT environments are no longer air gapped from the IT network.
Much of the business benefits from these insights comes from the ability to better judge stock levels and drive just-in-time manufacturing processes. Ironically, these can also make the effects of a cyber incident more damaging. With lower stock levels there is also less buffer for downtime and proper recovery from an attack.
Good security, designed to mitigate these risks, starts with the basics. That means simple things like ensuring good password policies for users, administrators and the IIoT devices themselves, where standards of practice still fall short. It continues with full asset audits and ensuring proper network segmentation is used to protect vulnerable parts of the infrastructure.
On a more in-depth level, it means re-evaluating the entire supply chain and ensuring business partners understand the OT environment and its risks.
To achieve this effectively, manufacturers will need to have an agreed baseline of required industry-wide security measures. They will require a common language to communicate cyber security expectations and countermeasures. While Industrie 4.0 promises many efficiency and productivity benefits within the manufacturing sector, these are not worth the risk of a significant cybersecurity breach.
Anne Klebsch is a ICS security consultant at Applied Risk. This content originally appeared on ISSSource.com. ISSSource is a CFE Media content partner. Edited by Chris Vavra, production editor, CFE Media, firstname.lastname@example.org.