As industrial machines become better connected and share more data and analytics digitally, cybersecurity is more crucial than ever. Industrial cybersecurity needs to be specialized to deal with the unique demands of industry and manufacturing. It also needs to be able to deal with a number of growing threats and the unique vulnerabilities of industrial control systems (ICS) and the industrial internet of things (IIoT).
Industrial System Security vs. Regular IT Security
What are the differences between industrial system security and regular IT security? There are, of course, many similarities. Cybercriminals will attack all sorts of systems for the purpose of theft, financial gain, or simply to test techniques that they can then use against other targets.
The problem with cyberattacks on industries is that they go beyond the digital. As we’ll explore below, the ways that cybercriminals or external actors can manipulate control systems can have a very physical impact that can’t be fixed by simply shutting down a server or disconnecting from the network. If a savvy hacker fully accesses your control systems, they are then in charge of your industrial equipment, which has frightening implications.
Why It Is Critical to Secure Industrial Systems Specifically
IBM recently recorded a 110% increase in cyberattacks specifically aimed at industrial control systems (ICS) in a single year. That shows that opportunistic cybercriminals are ready and willing to take advantage of industries switching to digital communication, and perhaps not being as well secured as they could be.
Many cloud-based services for the industry are relatively new, meaning industrial operators might not be up to speed on the best ways to make them fully secure. There was, until quite recently, a sense that because many industries carry quite specific data that doesn’t always relate to other industries, this protected the organizations in question. Known as “security via obscurity” or similar terms, this relies on cybercriminals lacking awareness of the value of industry data. In our current digital age, where all data has value, this view is no longer feasible. Another reason ICS used to seem secure is that they were relatively isolated from networks, or “air gapped”. Of course, now nothing is isolated, and the more sensors and equipment that become part of the IIoT, the more innovative industrial cybersecurity needs to be.
Over the last decade, cyberattacks on ICS have become more targeted and more sophisticated. From a worm virus that took over controls within a uranium enrichment centrifuge, to ransomware demanding Bitcoin payments from industries, the dangers of cybercrime cannot be overstated.
Key Threats to Non-Secured Industrial Systems
If you don’t secure your industrial systems, what are the primary threats? We’ve discussed a couple of real-life examples above including ransomware and malicious viruses, and the following are also of serious concern to industrial operators:
- Industrial espionage
- Theft of intellectual property
- Cyberattacks with physical ramifications such as loss of power, damage to equipment via corrupt digital communications, or stopping/sabotaging production
- Cyberattacks cause physical issues that go beyond the plant or factory and start affecting consumers, such as shutting down water, power, or other resources, or halting the supply of crucial, high-demand goods.
As systems become more integrated and convoluted, the possibilities for cybercrime will only increase.
Methods for Achieving Industrial System Security
One in three industrial or manufacturing sites is connected to the world wide web or public internet. Seventy-five percent of these are still running legacy systems that may leave them open to attack from malicious actors, hackers, and other cybercriminals. When industries do suffer from cyberattacks, they tend not to share that data to avoid bad publicity. While understandable, this makes it harder for others to learn from those mistakes and improve their own security systems.
With that in mind, it seems the first step for adequate cybersecurity is, to be honest, and open with policymakers and other invested parties about the current state of security within an organization. Have there been attacks? What happened and was the situation resolved? Is the current system up-to-date or are upgrades required? Taking an IT specialist with industry experience onboard could help, but many industries are now turning to dedicated systems integrators who can ensure security is a top priority throughout every level of the ICS.
Security Steps Every Industrial System Operator Should Consider Taking
There are a few key points that any industrial system operator should take note of:
- Don’t assume that your product isn’t tempting to cybercriminals.
- Security should cover the whole system, including networked computers, IIoT devices, digital sensors, and anything that could potentially be accessed via a network of any kind.
- Ensure security systems take into account remote monitoring control systems or any other offsite yet connected devices.
- Don’t allow anyone to modify your IIoT devices unless authorized by the manufacturer and your security team or policies.
- Ensure all firmware is kept up to date and ask for documentation from every device, sensor, or machine supplier about what’s included in every update.
For further support, speak to ICA Engineering for guidance on the right security for your industrial control systems.
Image Credit: Freepik @Creative Commons