© Philipp Katzenberger | Unsplash

Three Tips for Improving Industrial Cybersecurity

May 27, 2020
Tackling the escalating threats in manufacturing.
A Deloitte study stated that 40% of manufacturing firms experienced a cyber-attack last year, with 38% of those suffering from over $1 million in damage costs.

These figures are expected to rocket as manufacturers are increasingly under threat from cyber-attacks. Here, Claudia Jarrett, US country manager of industrial parts supplier EU Automation, offers three tips for manufacturers against the rising threat to cybersecurity.

Cyber-attacks are a serious concern. While they pose a threat to typical business vulnerabilities, infiltration from a cybercriminal in a manufacturing setting can shut down a plant's operations.

Let’s go back to 2013 when hackers struck the manufacturing industry. The entire Internet was pinged by a single operator, which included 3.7 billion connected computers and devices around the world.

It was also revealed that around 114,000 manufacturing industrial control systems (ICS) were vulnerable to attack and that 13,000 were accessible without inputting a single password.

Although this acted as a wake-up call for the manufacturing industry, the tenacity of cybercriminals continues to discover new ways of breaching a company’s defense system.

In fact, the Official 2019 Annual Cybercrime Report, predicts that cybercrime will cost companies across the world $6 trillion annually by 2021, with manufacturing quickly becoming the main target.

With that said, how can manufacturers combat attacks?

Employee Training

The first stage of implementing a rugged security procedure is to evaluate the understanding of employees. The responsible system owner, whether that is a plant or facility manager, must first assess the weak points of its system—particularly the human element.

Cyber threats are not always directly linked to cybercriminals. Human judgment can result in unintentional errors, leading to vulnerabilities in internal systems. All it takes is one malware-infected device plugged into the network to cause disruption—this doesn’t have to be malicious; it can be accidental.

Although accidents happen, they can be minimized by training employees and implementing procedures for when an attack occurs.

Employees must also understand the importance of patch maintenance and the installation of continuous updates. Cybercrime isn’t a static threat but is ever-evolving. Tests need to be carried out as and when vulnerabilities are revealed, or new software is released.

Equipping workers with this knowledge not only provides awareness of the concern surrounding security but decreases the likelihood of a cyber-attack occurring.

Maintain Industrial Control

According to figures from Kaspersky Lab's Threat Landscape for Industrial Automation Systems report, almost one in two ICS devices display evidence of attackers attempting malicious activity. In fact, the report added the main method of attack was via the internet—accounting for a quarter of identified threats.

This damning statistic could be the result of hackers seeking out unsecured ports and systems, but not all internet-based attacks target industrial networks specifically. The general setup of an industrial network leaves it accessible to the internet.

This means that self-propagating campaigns like Vaporworms, a recent breed of file-less malware that spreads through vulnerable systems, can easily get in when the network connects.

With these statistics in mind, it is clear manufacturers need to protect their ICS’s. This is particularly pertinent for manufacturers operating smart factories, a digitalized that plant includes countless equipment and devices that are connected to a single network.

Vulnerabilities in any of those devices could open the whole system to attack.

By regularly updating operating systems, applying security patches, and restricting network traffic on ports, hackers will find it harder to access a company’s ICS.

Detection Technologies

But, what if hackers do find a way in? Even with the most effective preventative measures in place, cybercriminals will always try to get around them. Usually, it is a matter of when, rather than if.

Current malware protection often relies on signatures to detect malicious code, but this only works on malware that has already been exposed to a threat. Couple this with the relentless hacking techniques of cybercriminals and a new method is needed to detect an attack.

Artificial intelligence (AI) with machine learning could be the solution.

The security company Darktrace uses AI and machine learning to create unique patterns of encryption for each machine and detect abnormalities. When it identifies an emerging threat, the software sends an automatic response and specific AI bots block access to the ICS. By preventing such actions, AI improves the security of interconnected industrial equipment, without the need for human intervention.

The rapid advances of AI are changing cybersecurity considerations in manufacturing, but some manufacturers are concerned that hackers can manipulate AI to attack systems, rather than protect them.

This is, of course, a possibility and provides another example of why cybersecurity procedures need to continuously adapt and improve.

For manufacturers concerned about cybersecurity in their facility, EU Automation, can provide reassurance of the security features of the parts it supplies. However, to remain ahead of the hackers, manufacturers need to continuously adapt and improve security practices across their entire facility—from employees to ICS.