As tech savvy manufacturers increasingly integrate hyper-connected production facilities through the Internet of Things (IoT) we are witnessing a veritable ‘Fourth Industrial Revolution’ or, Industry 4.0. However, have the implications on cybersecurity vulnerability being fully acknowledged?
Industrial IoT brings it all together
Industrial IoT is a hot topic in the UK and across the international business ecosystem, with an increasing number of ‘smart devices’ connecting each other via the Internet, we can only expect it to continue to grow. As hyper-connectivity engulfs factories, Industrial Control Systems (ICS) begin interacting with equipment in more versatile ways – as a result Information technology (IT) and Operational Technology (OT) are joining forces. What this means is that real-time data from various areas of the factory floor can come together in data lakes or IoT clouds and can be analysed through AI tools across the industrial process correlating centres like production and logistics, sourcing all the way to engineering and eventually distribution. These new models enable companies to quickly assess the efficiency and effectiveness of existing process and resource allocations. This leads to rapid real-time decisions which can, within a matter of seconds, be transmitted back to both systems and equipment with direct instructions which implement all the necessary changes. Thus visibility, insight and control, create an ever adjusting and improving process.
This new way of linking systems to physical machines also has implications for the safety of workers. Upon early detection of process issues, devices can be remotely adjusted with less dependency on human-machine contact, thus less endangerment and risk for employees.
Does interconnectivity pose security risks?
To understand the risks of interconnectivity we must first consider the history of industrial cybersecurity. For many years ICS have monitored and directed the manufacturing process of the goods that we use every day; creating a bridge between central control systems and their mechanical limbs, allowing production to flourish, whilst maintaining safety for consumers and workers. However, these systems have long life cycles of around 20 or 25 years, thus from an IT point of view, they are effectively functioning fossils, predating both IoT and the majority of the cybersecurity risks which 21st century businesses are growing to expect.
As manufacturing industries are developing their industrial plants and production lines into the “Smart Factories” of the future, these systems which have existed in an airlocked ecosystem are becoming increasingly exposed and they open their vulnerability not only to the ICS and SCADA areas but also to the connected plant and corporate applications. With more devices being connected to the Internet than ever before, there are a growing number of access points which hackers can exploit to their advantage.
Due to their isolation from nefarious activity, little attention has been paid to the cybersecurity of ICS. The industry is now left with a potentially dangerous cocktail of multifaceted and complex systems, which have had little cybersecurity investment, and which are increasingly being connected to the online world. Each connected element of a “Smart Factory” is an entry point from which hackers can gain access to critical systems, including sensitive and financial records. Cyber-breaches can cause great disruption business wide, if customer data is stolen then companies can expect loss of trust, compliance investigations, and are exposed to legal action.
What is of greater concern however is the possibility of a targeted industrial IoT attack. Malicious hijacking of ICS could result in, but is not limited to, shutting off utilities to large areas through attacks on plants or endangering the labour force as black hats assume control of industrial equipment.
Despite their ability to connect to the internet, most devices in smart factories are simplistic and do not have the capacity for security software to be installed.
Is there a solution?
Rather than trying to secure individual devices and struggle with their limited capacity, organisations can look to manage the channels between the devices. The ability to access different critical systems from an account or device is called privilege. By managing the privileged access for external and internal connected devices, companies can limit the access that cybercriminals could hope to gain by exploiting one of the IoT connected devices on the network. Additionally, if managed correctly privilege access systems will identify suspicious activity, seeking to break privilege and alert the central database. Therefore, the threat can be eliminated, and the cause investigated.
Hyper-connectivity needs to be embraced, but managed. We can expect the fourth industrial revolution to bring benefits to both businesses and consumers alike. Yet with the world becoming increasingly more connected we must ensure that only those who should, can access sensitive business assets. Security has always been at the forefront of the business agenda and as we become ever more connected the number of threats will only rise further. Without a comprehensive security protocol, policy, or platform in place there is the potential for hackers to manipulate equipment and devices which could have a detrimental impact whether this is financially motivated or through reputational damage. If the devices themselves cannot be safeguarded, then the channels between them can be. As the use of IoT grows across the industrial sector and beyond, the pressed need to secure all operational collateral, both physical and digital can not be underestimated.
Mark De Simone, VP Business Development Industry 4.0, WALLIX