Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center. But how do you meet the challenge when the hackers target you?
I learned my trade as an engineer. We prided ourselves in getting things working and keeping them working. If things were working, there’d have to be a darn good reason to tamper with it. And that’s great for a physical, unconnected piece of machinery. But, in new ultra-connected manufacturing facilities, it’s a potential communications nightmare. It leaves you vulnerable to attack.
In a survey, Deloitte found that 39% of manufacturers had experienced a data breach in the past 12 months. The worrying fact is that these aren’t random attacks by bored teenagers. These are targeted attacks by experienced criminals.
In fact, over 85% of attacks on manufacturers are targeted. Industrial espionage, the theft of Intellectual Property and subsequent counterfeiting still rate highly as motives for attacks. Increasingly, connected manufacturers are collecting data – especially personal data – on which hackers can place a monetary value. New privacy regulations such as GDPR mean global manufacturers must be able to securely manage personal data across international borders – or face potentially huge fines.
Cybersecurity in manufacturing: The size of the threat
Security professionals talk about perimeters and attack surfaces to describe the entirety of what a company has to protect. Simply determining that attack surface can be challenging for many manufacturers as operations can be split between manufacturing plants in several countries spread across the globe.
Manufacturing supply chains are now complex, geographically dispersed ecosystems of small and large trading patterns – each one posing its own security risk as you increasingly open your system to improve operations, enhance collaboration and speed innovation.
The picture within the manufacturing facility is even more complex. The rise of the Industrial Internet of Things (IIoT) has created incredible operational and business opportunities but has multiplied the security risk. The IoT devices and equipment that are being installed on the factory floor and in the finished products are often designed for performance rather than security. There is a range of communication protocols in use and, worse still, there are no real IoT standards.
In addition to installing new IoT-enabled equipment, including the odd coffee machine or two, companies are retro-fitting legacy systems with IoT devices. The attack surface is huge, growing and it’s vulnerable. Consider a small IoT sensor. It’s built to perform a simple monitoring function and pass data to the corporate network. It doesn’t have the computing power for complex security settings. Yet, if an attacker can hack the simple password – often left with factory settings! – they don’t just gain access to that device. They have a backdoor into your entire corporate network. Once in, hackers can lurk on the systems doing untold damage.
Cybersecurity in Manufacturing: What can you do?
Virtually any manufacturing process can be subject to a data breach. You need a systematic approach to assessing, identifying, stopping and, sadly, remediating cyber attacks. Some important points to consider include:
Protecting your IP
- Industrial espionage is still one of the chief reasons for attack. However, you still need to share that information internally and externally with partners in the production and distribution processes. Using the cloud is likely to be the most effective means for exchanging IP-based information in your supply chain but can you guarantee the levels of security you need? This is precisely the service we’ve been delivering to the automotive industry for many years.
Preventing Cyber Fraud
- It’s not just the general public that can be duped by phishing emails. Criminals target manufacturing finance and procurement departments with invoices that look just like the real thing and monies are siphoned off into the thief’s bank accounts and gone.
The need for an identity-driven IoT platform
- The proliferation of IoT devices throughout your organizations represents a proliferation of security vulnerabilities. But, the devices don’t exist in isolation. They form part of a new digital ecosystem of things, people and systems. It is essential for operation and business success that data is able to pass quickly and secure between all entities. An identity-driven IoT platform handles all the different IoT protocols while ensuring that effective security and authentication is applied to every player on the network–at scale.
Stopping them at the edge
- Today, large manufacturers are implementing thousands, even millions, of IoT device n their network. You need to be able to monitor and detect suspicious activity on every device, whether on or offline. The latest endpoint security solutions – such as OpenText™ EnCase™ Endpoint Security – provide deep and trusted visibility into every endpoint to quickly identify and respond to attacks.
When the worst does happen…
Sadly, the fact is that in our modern, connected world the question isn’t if but when you’ll be attacked. The important element is how quickly you can identify, isolate and remedy the breach. This is essential not just to continue operations but, in the case of a breach of personal data, to protect your brand. We have two solutions that can help: with OpenText™ EnCase™ Endpoint Security, you can identify the breach (and what was affected) and with OpenText™ EnCase™ Endpoint Investigator, you can conduct a deep dive analysis of the endpoint(s).
I think I can safely leave my crystal ball at home as I make two predictions: Manufacturers are only going to become more digitized and more connected. Secondly, the sector will become more and more attractive for hackers and criminals alike. Taking a holistic approach to cybersecurity across your entire manufacturing operations and supply chain now will potentially save a great deal of pain later.
Just take the example of Merck. The company estimated a financial impact of $695 million as a result of the NotPetya ransomware cyberattack. You should remember that the company wasn’t even the target of the attack, simply ‘collateral damage’. Think about the damage hackers can do when they are after you.