Cybersecurity in Industrial Automation: How Things Impact today

Cybersecurity Definition

As interconnectivity between systems driven to ever greater heights, the security threat to industrial automation continues to grow.

The Internet of Things (IoT) continues to expand into the industrial sphere, further exposing systems to malicious activity that seeks to attack manufacturing capability, steal data and information, and cripple essential systems.

Automated manufacturing processes have their own unique vulnerabilities, which exacerbate by increased internet connectivity and complex interoperability protocols between incompatible systems.

Is your facility prepared for a cyberattack? You aren’t immune if you haven’t developed a cybersecurity management system and made your organization disaster resilient.

the Intersection of Industrial Automation, the Internet of Things, and Cybersecurity

Industrial automation and control systems, known as IACS, is defined as a collection of networks, SCADA systems, control systems, and more that are vulnerable to a cyberattack.

The difference between an attack on the IACS and IT has to do with their differing priorities.

• IT (information technology) is prioritized for information. IT designed to process, communicate, and secure information from interference and unauthorized access.
• OT (operational technology) prioritizes for operational availability, including confidentiality and integrity.

A unique issue for operational technology is the age of the hardware, firmware, and software.

Much of the equipment in use, such as sensors, PLCs, and other controls, developed and put into service five to ten years ago or more.

They were designed at a time when the internet, cloud-based systems, and communication infrastructures were more primitive. The systems were less intertwined into the controls as they are today.

Add in the Internet of Things (IoT), which developed for the cloud and web-based software systems.

The benefits of IoT promise to be higher accuracy, quicker process completion, reduce errors, and enhances efficiency.

But it also brings with it vulnerabilities to attack because of the need for a remote connection.

It is impossible to secure any internet-connected machine or device entirely from exploit.

New security incursions found every day that mean to take control of devices and functionality.

Unfortunately, many IoT vendors have not embraced security as a requirement.

Put together the age and lack of sophistication of manufacturing controls, which make industrial automation possible, and a vulnerable network, and you have a looming cybersecurity nightmare.

Threat Statistics

Kaspersky Lab, a prominent cybersecurity and anti-virus provider, delivers a report for the second half of 2018 that showed over 200 vulnerabilities found in industrial control systems designate as high or critical security risks.

The leading enterprises most vulnerable to attack were the manufacturing processes, the energy sector, and water supply, closely followed by food processing, agriculture, and chemicals.

Kaspersky also noted that most of the vulnerabilities “…can exploit remotely without authentication and exploiting them does not require the attacker to have any specialized knowledge or superior skills.”

Over 19,000 malware modifications from 2,700 different families of industrial systems detect by Kaspersky products alone.

Multiply that by the number of other security vendors, and you can begin to see the extent of the issue.

The Intent of the Exploits and Other Security Challenges

People attack industrial automation and IoT systems for several purposes.

• For extortion, as in a ransomware attack.
• As an indiscriminate external attack geared to spread over a wide area.
• To target external vulnerabilities to block production.
• To target attacks to impact the quality or state of the completed product.

Most attacks come from outside, but some may be launched from inside.

Beyond the problems above, other challenges include updating the software on each control device and system and the system functionality to maintain efficiency.

Neither is easy to accomplish without system downtime. Also, virus-scanning software often is inappropriate for the operational technology environment due to potential interference with operations and a reduction in system availability.

Security Issues Unique to Industrial Control Systems

As mentioned before, many of the controls in use today were developed many years ago, before cybersecurity was even a glimmer in an engineer’s eye. But industrial automation systems have other challenges unique to the environment.

• Many automation systems are amalgams of integrated systems and platforms developed by different vendors.
• However, The systems have a mix of proprietary and non-proprietary components.
• Non-proprietary products may present security challenges if they run on platforms prone to hacking, such as Microsoft OS.
• Many different devices involved in the system, each with its own vulnerability or security issue, such as PLCs, wireless transmitters, sensors, and remote terminal units.
• Finally, most of the automation components were built to last, and the long lifespans mean they could be in operation for years before being to upgrade or replace.

And also, These security vulnerabilities compound by the increase in the integration of production networks with corporate networks such as sales, business oversight, and supply chain management.

How to Secure Your Industrial Facility against Cyberattack?

First of all, don’t try to do it all at once. Second, don’t cherry-pick systems randomly to try and fix.

Identify, analyze, and prioritize your security activity by performing risk assessments on each system and determining the consequences of an attack.

Be methodical and wait until you have completed all risk assessments. Then ensure all systems are stable and begin to address the security issues with the highest risk systems first.

Continue from there until you have worked through the systems in the priority established by those assessments.

And also, You have several pathways to reducing the vulnerability of your systems.

• Address administrative controls – the procedures and policies on cybersecurity, system security, and information
• security – for everything from password integrity to major incident protocols, and include physically securing connected mobile devices.
• Implement physical controls such as locking cabinets and restricting access to various controls.
• Perform staff training to emphasize the importance of security. Train everyone on the technical policies and
• procedures, how to use the security systems, and how to guard against phishing attacks and other issues from outside.
• Implement the correct technical controls from firewalls and anti-virus to intrusion prevention. Develop a recovery process and backup procedures in the event of catastrophic data loss or hacking attacks.
• And also, Upgrade the legacy systems and devices. Create a plan to upgrade and replace non-secure components, platforms, and devices.

Standards have been developed, such as the IEC62443 (formerly ISA-99), and others are coming to provide guidance for reporting and procedures as part of a cybersecurity management system.

In this case, specifically for cybersecurity in an industrial automation and control system. Standard-development organizations hope to help facilities prevent or reduce the risk of cyber-attacks through effective policies, procedures, and processes.

Cybersecurity isn’t just for IT companies anymore. It never really was. Manufacturing, packaging, and other industrial organizations must step up their game to keep the lines running and quality high.

Becoming aware of the issue of cybersecurity and performing a risk assessment of your business is a start.