Cybersecurity: making manufacturing secure
Graham Thomson, chief information security officer at Irwin Mitchell discusses cyberthreats and the ways in which the industry can secure its operations.
Manufacturing is the third most likely sector to experience a data breach, after financial services and insurance. But it’s among the least protected, according to the manufacturers’ organisation Make UK.
Cyber threats are constraining UK industry’s progress with digitalisation.
Companies can be hacked, covertly observed, and have their assets damaged or stolen while remaining completely unaware until it’s too late.
Because Industry 4.0 technology makes a company more connected to machines, the internet and other companies, firms are wary – with good reason – that high levels of digital adoption will increase their exposure to cyber attack. In a study with cyber security providers Vauban Group, Make UK found that while manufacturers are investing in digital technologies, 35% think that cyber vulnerability is inhibiting them from doing so fully.
Cyber attacks also show how closely integrated business IT (business communications and computing, storage and back-office technology) is with operational technology today.
“For Industry 4.0 especially, IT and OT have already converged, and at a speed greater than companies have been able to secure them adequately,” says Graham Thomson, chief information security officer at Irwin Mitchell. Industrial cyber attacks will increase, Graham says, impacting industry in areas like breaches of security, outages, data and IP theft, physical damage to IT systems and to capital equipment.
There are several ways a cyber criminal can attack a manufacturing company, including phishing and other “social engineering” techniques, resulting in malware (virus) infections like ransomware and Trojan horses.
Phishing is the fraudulent attempt to acquire sensitive information like passwords and protected files, or to deploy booby-trapped files, by posing as a trustworthy party. It’s the most common form of cyber attack because there’s a constant stream of different vulnerabilities that a hacker can take advantage of. It could be elicited through a fake advertisement on social media, or masquerading as an email from a work colleague.
The risk is magnified with such attacks because companies can’t always detect the level of security risk being introduced. “Say a company installs a new HVACS [air conditioning] system, but they didn't know this is accessible via the internet,” says Graham. “It can be accessed from afar simply with a commonly-known password, if this isn’t set up securely.
“A hacker can play with the settings, making conditions too hot or cold to work efficiently, or possibly even use this system to then access other internal IT systems,” says Graham. “It's a very effective impact from a simple intervention.”
Hacking and modifying a factory operation can be achieved by attacking any management system of operations technology, or supervisory control and data acquisition (SCADA) architecture. Most manufacturing companies have a variety of these OT systems to manage their factories inside their corporate IT structure which are also accessible remotely, which is where criminals target.
Normally industrial companies have an ‘air gap’ between OT and machinery and their IT network, preventing easy access to the plant for cyber criminals. “Regularly we see simple methods like a USB stick breach the air gap,” says Graham, “So by itself, partitioning factories from the network with an air gap isn’t an effective measure.”
Password or credential stuffing
A rising cyber trend that manufacturers should know about is password stuffing.
The login pages for a website, email account, management or control system for operational technology are all at risk from this method.
Cyber criminals can acquire lists of previously compromised email address and password pairings. They run a program to populate login pages with millions of combinations.
“There are about 3bn passwords and usernames on these lists that have been compromised, where numerous security researchers have found these databases on the dark web,” says Graham. “They point the program at the login page, press go, and the combinations auto-populate until there’s a match.”
While the method relies on complete chance, it’s possible to gain unauthorised access using email addresses and passwords that were compromised years ago and are totally unrelated to the current business, where an employee used an identical or commonly-used password. The solution: use two-factor authentication for remote access to important systems, or at the very least enforce long random passwords.
Improve your cyber security
Appoint somebody with sole responsibility for cyber security for the organisation. Provide them with a framework and reporting structure. For SMEs, this may mean combining the job with another role like IT director.
Make security part of the organisation’s culture, not just an IT issue. “Being cyber secure covers employees’ behaviours, training, and deploying cyber safe processes. Staff need training and better awareness of the risks,” Graham says.
Become familiar with the different security standards. Several documents can tell you how to apply good IT security: many are free like NIST and CIS, some like ISO27001 are paid-for. Most are very lengthy, and will need a lawyer to translate appropriately for the business.
For more information on manufacturing topics - please take a look at the latest edition of Manufacturing Global.
Siemens: Providing the First Industrial 5G Router
Across a number of industry sectors, there’s a growing need for both local wireless connectivity and remote access to machines and plants. In both of these cases, communication is, more often than not, over a long distance. Public wireless data networks can be used to enable this connectivity, both nationally and internationally, which makes the new 5G network mainframe an absolutely vital element of remote access and remote servicing solutions as we move into the interconnected age.
Siemens Enables 5G IIoT
The eagerly awaited Scalance MUM856-1, Siemens’ very first industrial 5G router, is officially available to organisations. The device has the ability to connect all local industrial applications to the public 5G, 4G (LTE), and 3G (UMTS) mobile wireless networks ─ allowing companies to embrace the long-awaited Industrial Internet of Things (IIoT).
The router can be used to remotely monitor and service plants, machines, as well as control elements and other industrial devices via a public 5G network ─ flexibly and with high data rates. Something that has been in incredibly high demand after being teased by the leading network providers for years.
Scalance MUM856-1 at a Glance
- Scalance MUM856-1 connects local industrial applications to public 5G, 4G, and 3G mobile wireless networks
- The router supports future-oriented applications such as remote access via public 5G networks or the connection of mobile devices such as automated guided vehicles in industry
- A robust version in IP65 housing for use outside the control cabinet
- Prototypes of Siemens 5G infrastructure for private networks already in use at several sites
“To ensure the powerful connection of Ethernet-based subnetworks and automation devices, the Scalance MUM856-1 supports Release 15 of the 5G standard. The device offers high bandwidths of up to 1000 Mbps for the downlink and up to 500 Mbps for the uplink – providing high data rates for data-intensive applications such as the remote implementation of firmware updates. Thanks to IPv6 support, the devices can also be implemented in modern communication networks.
Various security functions are included to monitor data traffic and protect against unauthorised access: for example, an integrated firewall and authentication of communication devices and encryption of data transmission via VPN. If there is no available 5G network, the device switches automatically to 4G or 3G networks. The first release version of the router has an EU radio license; other versions with different licenses are in preparation. With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and autoconfiguration of the devices,” Siemens said.
Preparing for a 5G-oriented Future
Siemens has announced that the new router can also be integrated into private 5G networks. This means that the Scalance MUM856-1 is, essentially, future-proofed when it comes to 5G adaptability; it supports future-oriented applications, including ‘mobile robots in manufacturing, autonomous vehicles in logistics or augmented reality applications for service technicians.’
And, for use on sites where conditions are a little harsher, Siemens has given the router robust IP65 housing ─ it’s “dust tight”, waterproof, and immersion-proofed.
The first release version of the router has an EU radio license; other versions with different licenses are in preparation. “With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and auto-configuration of the devices,” Siemens added.