One of the industries most susceptible and highly targeted for cyber attacks in recent times is the high-tech manufacturing industry. In 2014, it was estimated that 21% of manufacturers had suffered a loss of Intellectual Property (IP) in the previous year. Second only to the energy sector in number of attacks reported, the high-tech manufacturing industry has seen real transformative change with the emergence of connected devices and the IoT enabling real-time analytics and performance data, however, those very same systems are more and more being maliciously targeted by hackers in order to access the Industrial control systems that are at the heart of these manufacturing operations. Because of this, Industry experts have begun to call for more funding of IoT security research and the strengthening of and extended outreach to manufacturers from The Industrial Controls Systems Cyber Emergency Response Team.
What Are The Threats?
The high-tech manufacturing industry is vulnerable to a wide variety of different forms of attacks and exploitation and, because of this, it can often be difficult to prioritize different cyber security solutions. This is not helped by the suggestion of one study, published in April 2017 by experts at the Ipsos MORI Social Research Institute and Institute for Criminal Justice Studies at the University of Portsmouth, that only 31% of manufacturers regarded cyber security as a high priority. So what is at stake? Let’s take a look at a few of the cyber security threats to manufacturing.
Theft of private or confidential data:
Hackers could choose to target the personal information of employees working at a specific facility or company-wide as well as access their employee records. Data regarding research and development, patents and proprietary systems would also be at risk of being stolen if adequate security measures were not in place to protect them.
Damage to infrastructure, equipment or systems:
Connected devices, systems, and machinery are all at risk of damage due to unauthorized remote access. Attacks that cause equipment or systems to malfunction or operate in a way that is unsafe can end up causing damage that costs the company huge amounts of money to repair and replace.
Obstruction of operational, distributional or manufacturing operations:
A malicious hacker gaining control of connected devices and damaging them isn’t the only way these systems are at risk. Automated machinery in manufacturing plants is particularly vulnerable to industrial cyber attacks as it can cause disruption to services and distribution and cause delays, making it a powerful weapon in corporate sabotage.
Damage to company reputation:
As mentioned above, some of the attacks businesses may face could cause delays in production, the production of faulty goods or some other outcome that could result in damage to a company’s reputation or cause them to be seen in a negative light publicly. These issues can make it difficult for a company to carry on doing business and harm its ability to produce and make a profit.
So, we’ve seen the types of cyber threats the high-tech manufacturing industry has to contend with, now let’s take a look at a few real-life cyber attack situations and what the effects of the attack were.
Steel Mill, Germany, 2014:
A blast furnace in a German steel mill was taken over by hackers who had successfully taken over both production software and control systems. The hackers reportedly gained access to the steel mill’s systems by sending spear phishing emails to employees at the site.
Uranium Enrichment Plant, Iran, 2007/2008:
Back in 2010, it was discovered that the US and Israel had launched a sophisticated digital weapon, called Stuxnet, against Iranian control systems for centrifuges at a uranium enrichment plant with the aims of sabotaging them. An early version of Stuxnet reportedly increased the pressure inside the centrifuges in an effort to damage both the device and the enrichment procedure.
VTech, 2015:
In December of 2015, Hackers gained access to VTech servers and the personal data of millions of parents and children was exposed. The information stolen during the breach included the names, addresses, dates of birth and email addresses of parents and children as well as image files of VTech products that were subsequently uploaded to the internet.
SolarWorld, 2014:
In 2014, the US Department of Justice filed charges against 5 Chinese government officials for conspiracy to commit computer fraud and abuse. The perpetrators reportedly stole sensitive business operations information from SolarWorld that could have allowed Chinese competitors to “target SolarWorld’s business operations aggressively from a variety of angles” according to the DOJ allegation.
As industries across the globe begin to further connect and network their operations and systems, it is only logical to assume that vulnerable systems will become susceptible to further attacks from stand-alone hackers, corporate competitors or governments both foreign and otherwise.
What Needs To Be Done To Secure Manufacturers And Facilities?
In order to secure connections and enable manufacturers to use connected devices and network to enhance their operations, certain aspects will need to be looked at individually and prioritized in order to get the most out of any security systems or applications. So what are they? And how can they be protected? Let’s now divert our attention to what can be secured in order to best protect not only manufacturers, but their employees and facilities too.
Networks:
Protecting their network should be one of the top priorities of any IT security teams for businesses and manufacturers. In order to avoid unauthorized access, misuse, damage or improper disclosure, manufacturers need to ensure that they have taken the appropriate risk management steps to identify security weaknesses and develop or acquire appropriate solutions.
Endpoints:
With connected devices becoming an increasingly common feature of high-tech manufacturing, it is no surprise that hackers have come up with ways to use these connections in order to gain access to networks and systems. Endpoint security management is a policy that firms could introduce as a way of further protecting themselves from exploitable connections by requiring endpoint devices to meet with a specific set of criteria before they are granted access to network and its systems.
Control Systems:
Control systems are at the heart of most IoT connected devices, not only in in the manufacturing industry, but many others across the globe. In order to protect their control systems from being hacked, manufacturers should apply appropriate security strategies based on risk assessment and management procedures in order to control remote connections, ensure proper configuration of security systems, build a defendable network and monitor and respond to attacks as are detected.
SOPs and Security Strategy:
As well as both hardware and software-based applications, there are a number of ways businesses in the manufacturing and other industries can help improve their cyber security standing. Implementing basic cyber security training into employee training schemes as well as standard operating procedures to protect network security and incident response plans so as staff are prepared in the event of an attack.
What Is Available To Help?
As we’re all no doubt aware, the need for cyber security is not a recent development, and, as with any technology that has been around for a while, there are people and companies working on exactly these issues in order to produce products and services that enable high-tech manufacturers and others to operate secure networks. As the majority of businesses of all sizes have some form of cyber protection systems or programs, cyber attacks tend to evolve over time in order to incorporate and take advantage of the latest technological innovations and their vulnerabilities. For this reason, security systems and applications need to be “future-proof” in order to take into account the ever-evolving nature of cyber security.
As well as enabling and catering to future expansions and upgrades, any cyber security systems will also need to be able to detect potential threats before an attack happens. Hostile behavior patterns need to be detected and analyzed in order to calculate the risk they pose to the computer or network. Packet inspections will need to be utilized along with various network sensors, identifiers and API security management procedures. Security applications and systems are not new to the market and there is a wide variety to choose from. In order to best recognize and understand individual security requirements, it is recommended that manufacturing business and organizations schedule full security and risk diagnostics to better enable themselves to see what security features are need most and where.
Only time will tell how the high-tech manufacturing industry deals with its need for increased cyber security. With the IoT looking to introduce even further networking, automation and connected systems, the high tech industry will need to ensure it keeps adapting to evolving threats in order to protect themselves from becoming yet another cyber attack statistic.
