The fourth industrial revolution – or more commonly known as Industry 4.0 – is upon us. Companies are revolutionising their manufacturing process through the accessibility of vast amounts of data, far more efficiently than ever before. Industrial plants, factories, and even construction sites are now equipped with internet connected devices and machines. This level of connectivity is also referred to as the Industrial Internet of Things (IIoT).
The IIoT is a natural progression for businesses in that it improves efficiency, scalability, profitability. For organisations of all sizes, it will soon become an essential part of doing business. For example, costs can be saved through the use of predictive maintenance, improved safety and operational efficiencies. The key benefit of the IIoT is that it allows organisations to break open data silos and connect their entire organisation – people, data and processes – from the factory floor to the executive suite, all in real time. Using real time data, managers can now monitor the entire factory and get immediate notifications when their systems need fixing. For example, if a machine is not performing at the expected level. Over time, an automated system can even learn to recognise patterns based on the data and predict when a machine needs maintenance. These smart factories also enable subcontractors, product developers as well as distributors and logistics to take part in the manufacturing process and thereby, optimise the entire supply chain
Ultimately, companies can increase productivity in the manufacturing process as well as minimise human error and production costs by connecting industrial plants and machines. With Industry 4.0 making its way into everything from energy to agriculture, the increased connectivity between industrial plants and machines enables businesses to bring better products to market faster and governments to improve its critical national infrastructure.
Attacks on unexpected endpoints
As with many technological advances, negative consequences are often a reality. The connectivity that helps businesses can also expose them to greater security risks. The connection to the internet is not a one-way street, and these factory floor connected devices have now become endpoints. These non-traditional endpoints serve as additional doorways for cybercriminals to access. The IT departments now need to ensure that they are not just monitoring employee laptops and devices, but all the connected machines and automated systems that are present within the manufacturing process.
Much like when hackers can gain access through an employee’s desk computer, if an internet connected machine is breached, it is only a matter of time before other endpoints within the production network are compromised, endangering the entire production process. In worst case scenarios, due the nature of many industrial operations, this could enable cybercriminals to pull off catastrophic hacks on entire cities or countries.
The attack on Ukraine's power grid in 2015 was a sobering example of what could happen when a hacker infiltrates an industrial network. Hackers took control of electricity substation switches and caused blackouts across the country for several hours. The following year, another blackout hit the Ukrainian capital Kiev. The outage lasted only an hour, but cybersecurity researchers later found that it was a trial run for an advancement in critical infrastructure hacking called Crash Override. Where hackers manually switched off power to electricity substations in 2015, the malware used in 2016 was fully automated. This means that Crash Override could cause blackouts faster and far more widespread in the future.
In the summer of 2017, The New York Times published a joint FBI and Homeland Security report regarding cyberattacks on a number of nuclear power plants across the United States. In this case hackers were able to access the critical controls of a plant in Kansas. Just last year in the UK, the National Cyber Security Centre warned of a sustained cyberattack against UK companies involved in the Critical National Infrastructure (CNI) supply chain. Essentially, hackers will always find opportunities to infiltrate a network, yet the consequences at this scale could be catastrophic.
Automated network security
The horrific cyber-attacks of recent years have demonstrated how exposed an IT infrastructure can be, especially when potential vulnerabilities are not promptly identified and assessed for their risk. Accordingly, it is imperative that IT managers take threats to industrial infrastructure seriously and continuously operate risk management in production to secure weak points.
One of the best ways to protect production environments against security threats is by implementing a holistic solution, such as unified endpoint management (UEM) that provides IT managers with a transparent and traceable overview of all endpoints within the network as well as the power to manage all connected devices from a single platform. A good UEM solution maps out the network setup and structure by carrying out a complete inventory of all network devices, configurations, installed software, and the drivers for endpoint subsystems. This is the first step towards increasing security, because it is only through knowledge of a company’s resources and how they interact that IT managers will be able to protect them effectively.
There are simply too many endpoints within IIoT for IT managers to monitor manually efficiently. Mistakes will be made, and opportunities to stop breaches before they escalate will be missed. A UEM solution not only shows the software and licensing situation but scans the IT environment for any irregularities or vulnerabilities and allows risk assessment and patch installation where it is necessary. Providing IT administrators with automated vulnerability management, will enable them to filter and set search criteria by device, security vulnerability and threat level for the higher and most timely degree of protection.
With each technological or industrial revolution comes a wealth of benefits for businesses to propel themselves forward with operational efficiency. The popularity of IoT means Industry 4.0 was the logical next step for businesses. However, much like the security risks of IoT, the increased connectivity within the industrial world also provides cybercriminals with the opportunity to exploit the networks of factory floors and power plants. Businesses and governments must take the necessary measures to protect their production network by stopping breaches before they escalate. A UEM solution provides the IT department with the control and transparency necessary to secure all endpoints efficiently, allowing businesses to reap the rewards of Industry 4.0.
Sean Herbert, UK Country Manager, baramundi
Image Credit: BeeBright / Shutterstock