Terms such as Industry 4.0 and Smart Factory are now part of everyday vocabulary, and they suggest the image of a futuristic, high-tech production environment. Everything seems to be state of the art, brand new and shiny. However, with a few exceptions, this vision does not correspond to reality.
Investments in production facilities only amortise after many years
It is undisputed that production facilities and systems are expensive. Integrating them into the overall production context involves considerable effort. It is therefore only logical that such systems often remain in operation for many years, if not decades.
However, this is precisely where the problem lies. From a cyber security perspective, older production facilities and systems are simply not designed for use in a networked environment. At least not for the level of networking we see today.
This fact forms the backdrop to a recent discussion with Hervé Constant (GRTgaz), Marc Coutelan (Nozomi) and Bernard Montel (Tenable) at the Forum International de la Cybersécurité in Lille, France.
What is valuable deserves to be protected accordingly
We quickly agreed that cyber security is essential and that production facilities must be up and running. But beyond this self-evident fact, we come up against the harsh reality of operations: production and OT (operational technology) systems in areas such as logistics, plant and building technology and many other applications are nowhere near as well protected as IT systems today.
Older systems in particular have many vulnerabilities that even moderately skilled attackers can exploit. Thanks to services such as Hacking as a Service (HaaS) and artificial intelligence tools such as ChatGPT and others, even completely unqualified attackers now have a good chance of carrying out successful attacks.
Network segmentation is often completely impractical
Network segmentation is a widely used approach to protect against such attacks, but it often fails in practice. IT/OT convergence has long been a reality and, from a production perspective, this is a good thing! This is because linking information technology (e.g. from development) with operational technology (e.g. plant control) increases transparency and enables data-based decisions.
However, the practice of IT/OT convergence is rarely planned, is often misunderstood and even more often implemented incorrectly. This leads to more exposed vulnerabilities and increased cyber risks.
For all companies that want to solve this problem for their production, it is advisable to take a close look at firewalls and intrusion detection/prevention systems (IDS/IPS). This seems to be a pragmatic approach.
However, manufacturing companies need to do more. They need to take a systematic approach to cyber security that includes both prevention and response measures. This means that they need to regularly check their systems for vulnerabilities and fix them before they can be exploited.
In addition, they need to invest in training to raise awareness of cyber security issues and ensure that their employees know how to recognise and respond to attacks.
IDS is to the network what the burglar alarm system is to a house
Finally, it is important that manufacturing organisations invest in technology that helps them detect and respond to attacks in real time. This can range from simple IDS/IPS to more advanced technologies such as artificial intelligence and machine learning that are able to detect and report anomalies before they lead to serious security breaches.
In today’s connected manufacturing environment, cyber security is not a disruptive factor, but a necessary and important component. It is time for companies to recognise this and act accordingly.