Industry 4.0: the development of unique cybersecurity
David Shepherd, Area VP, Pre-Sales EMEA at Ivanti discusses the unique challenges that manufacturers face as organisations adopt industry 4.0 digital solutions.
Organisations in every sector are implementing digital solutions and upgrading legacy systems at an accelerating pace to effectively manage digital transition, and the manufacturing sector is no different. However, it’s important to note the sector faces unique cybersecurity challenges due to the made-to-measure nature of manufacturing systems, making the patching process and implementation of cybersecurity solutions increasingly complicated.
The criticality of the production line to the success of a manufacturing company has meant that security is often an afterthought. For these reasons, IT departments in the manufacturing sector have often been late adopters of enterprise IT and cybersecurity solutions. However, as digital technologies proliferate every aspect of our lives, the need to protect manufacturing IT systems is becoming increasingly pertinent. Over half of manufacturing organisations have experienced some kind of cyberattack, the cause of significant downtime and business continuity issues. Fortunately, 87% of manufacturing organisations now say cybersecurity is quickly becoming a key part of business continuity planning.
Industry 4.0: A digital double-edged sword
The move towards automation and data exchange has been labelled ‘Industry 4.0’. This refers to the shift from a physical, on-premise environment to cyber-physical systems such as the Internet of Things (IoT), cloud computing and automation. Global manufacturers, such as car manufacturer Audi, are now using intelligent automation and machine learning to continuously improve processes, moving towards a data-driven and highly flexible manufacturing process. Many other smaller manufacturers are seeing the benefits and building their own automation strategies in order to harness the potential of Industry 4.0.
It’s easy to see why – connected technologies in factories bring untold improvements to efficiency and productivity, as well as increasing visibility throughout the entire company. However, companies must factor into their Industry 4.0 strategies that increased connectivity amplifies their attack surface.
A cyber-attack can ultimately impact the productivity of an organisation, leading to the loss of a plant or production line for a period of time, causing crippling revenue losses. Something as small as a general email ‘phishing’ attack, where employees are sent an email containing a malicious link, can have devastating results.
Using this method, cybercriminals can infect a manufacturer’s network with malware or ransomware, rendering its IT systems unusable, impacting its reputation and leaving it with a hefty bill. Small automotive manufacturer C.E. Niehoff & Co, found itself targeted by a phishing campaign last year. After an employee clicked on a malicious link, attackers were able to hold its IT systems ransom as well as target its supply chain and customers.
A holistic approach to cybersecurity
In order to tackle multi-faceted threats, manufacturers should approach their security operations with a ‘defence in-depth’ approach. This involves layering multiple cybersecurity solutions in order to ensure protection at every level.
Manufacturers should follow a robust security framework, such as CIS Controls or the NCSC Cyber Essentials model. This in turn can help businesses benefit from additional tools such as vulnerability management, privilege access management, application whitelisting, anti-virus protection and employee awareness and training programmes.
However, whilst following these steps will put manufacturers in a good position to combat threats, any defence must be flexible enough to respond to emerging risks, and this will only become more prevalent as the digital landscape continues to evolve. One such example is the IoT, which poses a pertinent threat for the manufacturing industry. As more and more internet-enabled devices and systems are connected to internal business networks, the entry points for attackers also increase. However, as cyberthreats develop so does the technology designed to defend against them. For example, manufacturers can implement automation as part of a layered approach to help IT and security professionals stay one step ahead.
The benefits of automation
When automation is introduced, organisations experience huge time-saving benefits, freeing up the IT team to take care of other tasks. One of the areas that can benefit from automation is patching, typically a time consuming and tedious task – but one of the most valuable when defending against cyberthreats. This will ensure systems are consistently up-to-date and protected against the latest vulnerabilities. Automation also allows a comprehensive overview of every user and device connected to a network and enables the effective detection of any suspicious user or device behaviour. This way, organisations can combat a range of threats, from malicious insiders to infiltration by external attackers. The next step is AI, which brings a learning element to this process, allowing security systems to alter their defensive approach based on what they have learnt from previous attacks.
However, automation and AI still need effective reporting and auditing capabilities, or they too could become a cybersecurity blind spot. The best way to combat blind spots is to find a balance of proactive defensive tools and awareness of new and emerging threats.
Manufacturers must be fully aware of the huge risks posed by malicious actors, not just to business operations, but also to the infrastructure and security of their clients and supply chain. A serious compromise to security can result in huge losses across the industry and even a country’s economy, as was seen with the 2017 WannaCry attack that compromised every industry from healthcare to retail and manufacturing. Technology can bring huge benefits to businesses, but this must also be complemented with robust cybersecurity solutions. By layering a best practice approach with effective technological solutions, manufacturers will be able to decrease their attack surface in the face of even the most sophisticated attackers.
For more information on manufacturing topics - please take a look at the latest edition of Manufacturing Global.
Siemens: Providing the First Industrial 5G Router
Across a number of industry sectors, there’s a growing need for both local wireless connectivity and remote access to machines and plants. In both of these cases, communication is, more often than not, over a long distance. Public wireless data networks can be used to enable this connectivity, both nationally and internationally, which makes the new 5G network mainframe an absolutely vital element of remote access and remote servicing solutions as we move into the interconnected age.
Siemens Enables 5G IIoT
The eagerly awaited Scalance MUM856-1, Siemens’ very first industrial 5G router, is officially available to organisations. The device has the ability to connect all local industrial applications to the public 5G, 4G (LTE), and 3G (UMTS) mobile wireless networks ─ allowing companies to embrace the long-awaited Industrial Internet of Things (IIoT).
The router can be used to remotely monitor and service plants, machines, as well as control elements and other industrial devices via a public 5G network ─ flexibly and with high data rates. Something that has been in incredibly high demand after being teased by the leading network providers for years.
Scalance MUM856-1 at a Glance
- Scalance MUM856-1 connects local industrial applications to public 5G, 4G, and 3G mobile wireless networks
- The router supports future-oriented applications such as remote access via public 5G networks or the connection of mobile devices such as automated guided vehicles in industry
- A robust version in IP65 housing for use outside the control cabinet
- Prototypes of Siemens 5G infrastructure for private networks already in use at several sites
“To ensure the powerful connection of Ethernet-based subnetworks and automation devices, the Scalance MUM856-1 supports Release 15 of the 5G standard. The device offers high bandwidths of up to 1000 Mbps for the downlink and up to 500 Mbps for the uplink – providing high data rates for data-intensive applications such as the remote implementation of firmware updates. Thanks to IPv6 support, the devices can also be implemented in modern communication networks.
Various security functions are included to monitor data traffic and protect against unauthorised access: for example, an integrated firewall and authentication of communication devices and encryption of data transmission via VPN. If there is no available 5G network, the device switches automatically to 4G or 3G networks. The first release version of the router has an EU radio license; other versions with different licenses are in preparation. With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and autoconfiguration of the devices,” Siemens said.
Preparing for a 5G-oriented Future
Siemens has announced that the new router can also be integrated into private 5G networks. This means that the Scalance MUM856-1 is, essentially, future-proofed when it comes to 5G adaptability; it supports future-oriented applications, including ‘mobile robots in manufacturing, autonomous vehicles in logistics or augmented reality applications for service technicians.’
And, for use on sites where conditions are a little harsher, Siemens has given the router robust IP65 housing ─ it’s “dust tight”, waterproof, and immersion-proofed.
The first release version of the router has an EU radio license; other versions with different licenses are in preparation. “With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and auto-configuration of the devices,” Siemens added.