Industrial security: 4 danger zones and protections
By Marc Laliberte
By Marc Laliberte
According to new research from IBM, destructive cyberattacks capable of rendering victim systems inoperable have doubled in the past six months, and 50 per cent of affected organizations are in the manufacturing sector.
Outdated technologies such as printers and fax machines are known to be possible weak spots in an organization’s defence, but hackers are constantly finding new and nasty ways to infiltrate even the latest and smartest industrial technologies.
Provisioning reliable security across entire hyperconnected and increasingly complex company networks has become a daunting task for IT teams industry-wide. Here are four danger zones that hackers are targeting in the industrial space this year and what IT pros can do to secure them ASAP.
1) Smarter tools, similar pitfalls.
IIoT has become a dynamic asset for many manufacturing facilities. Connected robotics and other smart technologies are facilitating quality assurance controls, improving accuracy and efficiency in inventory monitoring, and boosting overall operational performance.
Despite all of its benefits, IIoT devices still face the same pitfalls that threaten the non-industrial Internet of Things (IoT) products because their design often lacks adequate security consideration. For cybercriminals, this presents new and attractive entry points into victims’ networks.
There are a few things manufacturing companies can do to address these threats. The first is to partition the network into several segments (IIoT, guest Wi-Fi, enterprise, and so on). Not only will this isolate IIoT devices from other technologies connected to the network, but it can help limit the propagation of potential cyber attacks. This type of network segmentation can be performed using unified threat management (UTM), a firewall that offers layered security services.
Another useful strategy is to install secure, cloud-managed Wi-Fi access points that incorporate wireless intrusion prevention system (WIPS) technology that can automatically detect and remediate unauthorized or rogue devices connected to the network.
2) Threats lurking in the shadows.
Shadow IT is term that describes instances when employees implement hardware or software resources within a company without the knowledge or consent of their organization’s IT department. It’s an issue that most organizations face on some level, and one that should be a major concern for manufacturing companies in particular. Shadow IT implementations put networks at significantly higher risk of cyberattacks.
A recent study revealed that companies actually run between 17 and 20 times more cloud applications their IT departments estimate. Networks that aren’t fully understood can’t be adequately secured. IT teams without comprehensive knowledge of the software and/or terminals that are active on a given network will not be able to verify its security.
There are network mapping services that can help by enabling the IT department to visualize the network that is behind the firewall – including all known equipment – using data from Nmap scan results and DHCP fingerprinting, and by analyzing the details of HTTP headers or applications. This allows IT teams to perform immediate, corrective action as soon as new or unknown equipment appears.
As you forge ahead with your security strategy, strive to simplify the process as much as possible.
3) Intellectual property at risk.
Intellectual property (IP) theft continues to be a major threat for businesses in the manufacturing sector. Production and manufacturing process documentation is extremely high-value data for industrial companies. Losing precious IP to competitors or hackers can result in serious financial and reputational damage. In order to protect the bottom line and avoid losing customers, manufacturing organizations need to make IP security a top priority.
For IT teams at industrial organizations, deploying a multi-factor authentication (MFA) solution is an essential step in securing access to critical network data.
Data loss prevention solutions are another security protection that can throttle data leakage in the industrial sector, keeping breaches at bay by analyzing text files for any leaks of sensitive information from the network. Once detected, the connection is blocked or quarantined, and the administrator is notified.
4) Workforce woes.
The cybersecurity skills gap is a major issue in IT, and according to ESG, it’s growing significantly worse each year. This is particularly concerning for the manufacturing sector, which relies heavily on more complex, specialized technologies than most. Qualified candidates that can properly manage and secure critical operational technology (OT) and industrial control systems (ICS) are scarce.
Considering the growing shortage of cybersecurity skills and the fact that it can take up to five months to fill a vacant manufacturing position, the industrial sector as a whole should prioritize security solutions that are simple to deploy and manage to abate the ongoing pressure to identify, hire and retain highly specialized and trained cybersecurity personnel.
When it comes to bolstering your overall security posture, simply securing traditional networking and computing devices is no longer sufficient. It’s important to be aware that modern cybercriminals often wield a multi-prong approach. As you forge ahead with your security strategy, strive to simplify the process. Be sure to prioritize visibility into your connected devices, scan often and keep all devices updated regularly.
Marc Laliberte is senior security analyst at WatchGuard Technologies.
This article originally appeared in the November/December 2019 issue of Manufacturing AUTOMATION.