Industry 4.0 – The Next Window For Cyber Attackers

Manufacturing is rapidly entering the Fourth Industrial Revolution where the old and formerly closed environments systems meet new, connected ones.
Spread the love

By Stephan Neumeier, Managing Director, APAC and Japan, Kaspersky Lab

Manufacturing is rapidly entering the Fourth Industrial Revolution, or Industry 4.0, where the old, complex and formerly closed environments systems meet new, connected, and more open ones. With today’s advanced manufacturing, automation, and data-rich production cycle, complex global supply chains are fast becoming a common sight.

Moreover, the implementation of industrial Internet of Things (IoT) creates systems which will no longer ask users for permission to connect to the Internet; it will be there by default.

While this enhances the efficiency of manufacturing, it also brings potential dangers on the cybersecurity front.

Historically, investment in manufacturing has been focused on safety, cost reduction, and efficiency, but investment in security is often overlooked. The widespread use of connected environments and increased connectivity is on every cybercriminal’s radar—the cost of cyber-penetration is immeasurably smaller than that of a physical attack, but the damage can be far more serious.

As such, with these growing risks against our critical infrastructure systems, it is vital for business leaders to invest in a comprehensive cybersecurity system to mitigate financial and reputational losses to the company.


Employees As The Weakest Link

Firstly, there is unintentional infection of an industrial network. In theory, industrial information networks should not be connected to office networks and should not have direct access to the Internet. However, not all employees understand the importance of isolation.

Employees sometimes unknowingly connect infected removable drives to industrial computers or access the Internet to update software on the server. As a result, threats such as malware have the opportunity to penetrate the industrial network. With Stuxnet, for example, the worm was specifically targeted at industrial machines, designed to spread to air-gapped networks. Iran suffered heavily through an employee’s negligence when he plugged his personal USB drive with the Stuxnet malware into the company’s system.

There is also fraudulent activity by employees. It is not unusual for people who are professionally versed in industrial systems to try and use their expertise to trick their employer. For instance, gauges or sensors can be adjusted to hide the fact that several dozen litres of a petroleum product remain at the bottom of a storage tank after being drained.

Finally, there are targeted actions that intend to cause damage. The reasons may vary from competition to extortion. For example, a hacker recently penetrated the network of a South Korean nuclear power plant and began to extort money via Twitter.

There are far more examples that underline the need for manufacturing companies to constantly invest in cybersecurity capabilities strategically, which always include their employees.


Cybersecurity For Increased Complexity

According to the 2019 Official Annual Cybercrime Report by Herjavec Group, cybercrime will cost the manufacturing industry $6 trillion by 2021, up from $3 trillion in 2015. With increasingly sophisticated nation state-sponsored cyberattacks fuelling demand and organised crime gang hacking activities, cybersecurity will be an emerging growth sector within manufacturing in 2021.

A few decades ago, when industrial systems were networked into systems of record, it made sense for organisations to focus exclusively on preventing outside attacks and protecting the network perimeter. However, now that industrial systems, products, and environments are increasingly complex and interconnected, strategies geared toward perimeter defence are inadequate.

Security strategies must extend far beyond the walls of a single organisation to reflect interactions with suppliers, customers, and vendors. For organisations, the old challenge of detecting and neutralising threats has expanded to include learning how to continue doing business during a breach and how to recover after one. In other words, it has evolved from security alone to security and resilience.

Industrial systems are basically made up of three components—controllers, industrial networks and industrial endpoints such as SCADA computers. For an organisation’s industrial system to be reliable, all its components need to be protected to prevent cybercriminals from finding a vulnerability and exploiting it. The first truly clever uses of AI in cybersecurity will likely be done by nation state hackers or organised criminal groups with healthy budgets and resources.

At the same time, boards and senior management have an increasingly important role in providing oversight of cybersecurity strategy execution, monitoring the manufacturing companies’ cybersecurity posture, and being prepared to respond to various stakeholder groups about the actions taken on cybersecurity.

Top management needs to provide meaningful data about not just the state of data security as defined narrowly by viruses quarantined or the number of intrusions detected, but also about the resilience of the organisation’s digital networks. This means having strategies to make quick business decisions on how to sustain a business during a cybersecurity breach, to recover quickly against its aftermath, and to zero in on improvements needed to be deployed.

At Kaspersky Lab, we know that networks constantly change, so tracking cyber risks and vulnerabilities over time, mitigating its effects, and adapting accordingly with its results is essential. These crucial steps, specified on our Adaptive Security Framework, are the core pillars of our Industrial Cybersecurity Solutions tailor-made for different verticals under industrial and critical infrastructure.

May it be smart manufacturing companies, connected dams, automated power plants and energy grids, and so on, we aim to cover all bases, to secure the industrial layers and the elements of organisation—including SCADA servers, HMIs, engineering workstations, PLCs, network connections, and the human force, yes, the engineers. This holistic approach also ensures operations continuity and consistency of the industrial process.

This reality proves that cybersecurity is now a concern of the business owners or the C-levels and the workforce behind the operations. Organisations in manufacturing must move forward, fine-tuning existing defences to optimise security of their facilities, to ensure business continuity, and to guard their networks. As the digital transformation agenda forces organisations to embrace emerging technologies and new business models—often at pace—cybersecurity needs to be a key enabler of growth.






The Promise Of The Edge In Asia’s Manufacturing Industry
Considering Transition to Industrial IoT Networks?