Defending industrial automation against cyberattacks

21/04/2024

Defending industrial automation against cyberattacks 21 Apr 2024 at 22:00

By Thomas Vasen

Cyber security

Anybus

With reports of cyberattacks on the industrial sector becoming all too familiar, Thomas Vasen, Anybus Business Development Manager Network Security at HMS Networks, outlines five strategies companies can adopt to fortify their defenses and avoid becoming the latest victim.

Rise of cybersecurity attacks

Cybersecurity is rapidly becoming a significant concern in industrial automation. The World Economic Forum highlighted in 2023 that manufacturing is the sector most targeted to cyberattacks. Furthermore, Orange Cyberdefense reports that the manufacturing sector had Common Vulnerability Scoring System (CVSS) severity scores 33% higher than the global average. The increasing number of attacks on Industrial Control Systems (ICS) is particularly worrying. Gartner predicts a bleak future: by 2025, cyberattacks are expected to harm or endanger humans.

The time for action is now. Here are five strategies companies can adopt to effectively mitigate the risk of cyberattacks.

1. Understand that OT is not just another version of IT

The first step is to adopt the correct mindset. In the 1990s, Netheads vs Bellheads debated the future of telecommunications. While Bellheads advocated for traditional methods, Netheads argued that voice should be treated like any other data and transmitted over IP. Three decades later, Netheads' vision has prevailed, with voice being transmitted over the Internet like any other type of data. Users have even come to accept deterioration in call quality due to the increase in latency and frequently dropped packets. Today every phone call feels like an intercontinental one.

However, the situation with Operational Technology (OT) is fundamentally different. Unlike Information Technology (IT), OT cannot tolerate compromised quality and increased latency, as even minor disruptions can have catastrophic consequences. Treating OT as merely another version of IT is a serious mistake, as OT operates under distinct principles and requirements. While IT prioritizes data integrity and confidentiality, OT demands deterministic data and uptime assurance. This distinction is especially critical in industries like manufacturing, where even minor disruptions can lead to significant financial losses, material wastage, and operational downtime. In IT, occasional network downtime or data loss may be manageable inconveniences. However, in OT, a similar disruption can have far more severe consequences. Imagine if an ice cream machine were to malfunction due to a network outage or data inconsistency. Not only would the production process grind to a halt, but the perishable ingredients would spoil, resulting in financial losses and wasted ice cream. And nobody wants that.

Figure 1: In OT, network downtime would lead to production processes grinding to a halt, resulting in financial losses, and wasted ingredients or materials.

So, while it's natural for OT to adopt IT technologies (there are lots of benefits of using Industrial Ethernet over traditional fieldbus networks) it must be acknowledged that out of the box IT does not satisfy OT's requirements. Hence, the rise of industrial communications protocols, and as such, the need for specialized OT security products and solutions.

2. IT and OT must work together While the Chief Information Security Officers (CISO) is under scrutiny and manages the security budget, often including that for OT, it is the operations manager who bears the responsibility of ensuring uninterrupted production in the factory. This situation creates an inherent conflict due to differing priorities. IT professionals adhere to the CIA framework, prioritizing Confidentiality first, followed by Integrity and then Availability. In contrast, operational personnel prioritize Safety, followed by Availability, Integrity, and lastly, Confidentiality - forming the (S)AIC sequence.

This dichotomy results in conflict and friction, yet the underlying shared objective remains clear: safeguarding business continuity. Recognizing this common goal, CISO (IT) and the Operations Manager (OT) must collaborate to navigate these challenges and harmonize their approaches to secure business continuity.

3. Develop a comprehensive OT security plan Securing OT environments requires a proactive and customized approach to the unique challenges of industrial operations. Companies must conduct a thorough identification and assessment of their assets, understanding the risks associated with each machine. Rapid detection of anomalies is important, but more crucial is the implementation of robust protective measures to safeguard these assets. Having a comprehensive recovery plan in place and implementing measures to minimize impact is also important and is commonly recommended by experts such as those from ISA/IEC 62334.

Currently, many companies focus on asset inventory and threat detection. While these are important, they are not sufficient to protect OT environments. Companies must also implement measures to protect their assets.

4. Protect yourself with Network Segmentation Network segmentation is an excellent way to secure OT environments. By dividing networks into zones and separating with conduits providing access controls, companies can bolster security and prevent unauthorized access. The benefits of network segmentation include:

Protection from outside traffic - Separation from IT!

Inspection of inside traffic - Downtime is often caused by internal threats, intentional, or unintentional.

Guarding remote access traffic - Allowing remote maintenance can be critical for your uptime, but it can also be a backdoor for threats to enter your network. Take granular control of the traffic flow.

Isolation of visiting workers - Know what&#

LINK:	https://www.hms-networks.com/news/news-details/21-04-2024-defending-in...
	See more stories from hms

Defending industrial automation against cyberattacks

More from HMS

18/10/2024

18/10/2024

15/10/2024

10/10/2024

02/10/2024

01/10/2024

01/10/2024

30/09/2024

23/09/2024

09/09/2024

06/09/2024

03/09/2024

03/09/2024

02/09/2024

22/08/2024

05/08/2024

21/07/2024

12/07/2024

27/06/2024

24/06/2024

19/06/2024

19/06/2024

17/06/2024

12/06/2024

11/06/2024

30/05/2024

20/05/2024

30/04/2024

23/04/2024

21/04/2024

17/04/2024

17/04/2024

16/04/2024

16/04/2024

16/04/2024

16/04/2024

08/04/2024

02/04/2024

27/03/2024

18/10/2023

22/08/2023

30/06/2023

14/06/2023

05/05/2023

17/04/2023

06/02/2023

09/12/2022

15/11/2022

19/10/2022

21/09/2022