9 Tips For Improving Cybersecurity
Industry 4.0 is the 21st century buzzword, representing both its greatest technological advances and its greatest threats. The nightmare scenario depicted in such films as The Terminator and Marvel's Age of Ultron is a familiar and ongoing theme: machines become self-aware and eliminate humanity, using the world wide web as their highway to hell. However fantastic it seems (and it certainly seemed a lot more fantastic in 1984 than it does now), it is as well to admit that the first step on this unimaginable path has already been taken. Machines are all becoming interconnected and thinking for themselves.
This is a great step forward for global production, as it has huge advantages in terms of source and supply chains, productivity and quality control. A recent analysis suggests that as much as 17-20% in productivity gains has been achieved in the last couple of years by investment in smart manufacturing, alongside 15-20% gains in quality. Hundreds of millions have been invested in smart manufacturing, with at least 67% of industrial manufacturers having installed smart initiatives in their factory processes. Across the UK, however, investment is lagging, with only 1% of manufacturers embracing full digitisation, as compared with a global average of 10%. On the positive side, this gives UK industries a greater opportunity to get in on the ground floor, with a closer focus on improving cybersecurity in their factories.
The potential threat from cyber attacks has increased exponentially as the world becomes ever more digitised. Cybersecurity in the Internet of Things (IoT) and particularly the Industrial IoT (IIoT) is now one of the world's greatest concerns. The more technology is interconnected, the more capable it is of advanced behaviour, but the more vulnerable it becomes to invasive and criminal activity by hackers. In the case of industry, vulnerabilities are often due to the adaptation of legacy manufacturing equipment for IIoT practices, but even brand-new systems are open to attack. On the factory floor, it is crucial to ensure systems safety, because not only machinery but also human lives may be at stake.
At Rowse we are very conscious of the current developments in industrial automation, and we can offer the following nine key tips as to how you should best protect yourself from cyber attack, and improve cybersecurity in your factories.
- Be Proactive
- Lock Down Everything
- Set the Correct Permissions
- Regular Reviews
Why Security for Your Factory is Important
Cybersecurity affects your business in many ways, and the damage to be controlled after a breach can be greater or lesser. Cloud computing, machine learning, data analytics and AI are all expanding industrial capability, together with sensory actuators, wireless networks and Ethernet-connected system controllers. Even five years ago (a lifetime in technological terms), there were as many as half a million internet-accessible control devices in manufacturing, and some estimates suggest that figure will have increased to billions by the end of the decade. With these IIoT devices being connected not only to software, but also to hardware and industrial processes, the inherent safety risks stretch right across the spectrum, from compromise of your automated system controllers to the physical risks of machinery malfunction.
Many analysts consider that the DDoS (Distributed Denial of Service) attack perpetrated by the Mirai botnet in 2016/17 poses one of the biggest threats to internet security, as the invader is itself a robotic program. This attack targeted thousands of victims via the IoT, with multiple threats directed at prominent distribution networks, primarily infiltrating them by means of weak password exploitation. The implications of such self-replicating malbots moving on to target the IIoT are worrying. The integration between smart automated systems and IoT has not yet been perfected, so there are going to be more loopholes in a combined IIoT than in one single system or the other. The most advanced sensory systems report via wireless connections to distributed control systems, often to staff using devices off-site, so the potential for infiltration is vast. And with these sensors using their own deep learning judgment to drive actuators and other mechanical processes, the danger is transmitted from the digital to the physical plane.
Ensuring that proper cybersecurity systems are in place will reduce these risks, offering peace of mind for the safety of your personnel as well as your profit margin. Preventing security breaches before they occur is a lot less expensive than the damage-control expenditure involved if anything does go wrong. If your systems are subjected to a successful cyber attack, as many large enterprises have been with co-ordinated malware hacks such as Stuxnet and Havex, then your company's brand reputation is also going to be damaged. Your brand will appear vulnerable in the eyes of suppliers, customers and competitors, leading to a potential loss of business on top of any physical damage. Attacks on SMEs are also on the increase, with an average of 65,000 attacks on British SMEs every day, so it's incumbent on everyone to guard against being too complacent and thinking they are immune.
Here are some key tips from Rowse on how you can improve cybersecurity in your factory.
1. Be Proactive
Don't wait for a cyber attack to happen and cause havoc in your systems, but be proactive and make the necessary changes right away. Find out about what threats are most common, what history of attack there may be on your particular type of installation, and what you should do to prevent it. When installing any new system, be sure that you check its security protocols thoroughly, and carry out all necessary tests before going live. Be especially careful when integrating new IIoT devices into legacy systems, as this is where security is most vulnerable. Above all, don't assume that because you have been safe so far, it's not going to happen to you. A recent survey suggests that 90% of security professionals have already suffered attacks, across the UK, Germany, Australia and other countries.
2. Lock Down Everything
Locking down all your IIoT systems allows you to open them up only where or when necessary, allowing you better control of the network. Secure password management and two-factor authentication should be instituted wherever possible, and everything that can be encrypted, should be. Also, don't rely on the cloud for sensitive storage, as these systems are not foolproof, and always, always keep a hard disk backup. It's all too easy to think that you have covered every base, but hackers are some of the most ingenious computer programmers on the planet, and they're bound to have thought of a loophole in every conceivable scenario.
3. Set The Correct Permissions
Set the permissions in your system correctly for each individual who uses it, to ensure that the only staff who can get access to the system are those who need it. If you don't know how to manage permissions, consult the equipment manufacturers, or the guidance manuals supplied with the machinery, to ensure that only authorised personnel have access. Again, two-factor authentication should be applied to all permissions where possible.
Allocating a budget to cybersecurity will save your business a lot of money in the long run. Setting aside funds for cybersecurity attack prevention will allow you to prepare for a potential threat as part of your budgeted finances, as opposed to incurring large and unplanned costs repairing damage after the event. You also should budget for the time required to install and review cybersecurity procedures, and factor in the time required for staff training as a mandatory part of job contracts.
Planning is the key to ensuring that everything in your system is secure. Budgeting is part of this, but also all users, processes and particularly connections in a system must be carefully documented. Plan out the lifespan of the machinery and its future activity, together with upgrades to hardware or software, and the equipment's expected obsolescence. Furthermore, you should also have a contingency plan in place to mitigate the impact of any successful cybersecurity attack. Plan on improving the cybersecurity of your factories and workplaces immediately, and see how your future procedures will adapt and become stronger.
Updates can be critical, so it is important to keep all software and firmware up to date wherever possible. It is especially important to ensure that systems have the most up-to-date security patches released by manufacturers, as they identify and address potential risks. Sometimes manufacturers are reluctant to take (or unable to afford) the downtime required for updates, and in these circumstances you should have plans in place to protect and monitor the system against cybersecurity threats.
Once your systems have been installed, updated and permissions granted, it's important to test everything, to ensure that your security measures function as you have planned. Pen (penetration) testing is a good way to find out if, and how, hackers can gain access to your manufacturing systems. This involves running a simulated, controlled and authorised hack, either manually or via automated software, to identify potential vulnerabilities which could be exploited by cyber criminals. This is a very useful learning tool, and helps users to understand how cybersecurity is approached from the other side of the criminal divide. This is a sophisticated technological exercise, and you may need a trusted third party expert to help carry out a pen test.
8. Regular Reviews
Regularly reviewing your cybersecurity measures is vital to maintaining a safe and secure factory. You can use reviews to fine tune your processes, assess any potential vulnerabilities and fix any issues that may appear over time as the system is put into full operation. The Stuxnet worm, for example, was designed to operate on a long-term plan of destruction, which only became apparent many months after the original malware had been installed. By reprogramming certain controllers, the worm was able to cause hardware deterioration that eventually led to the destruction of more than 1,000 machines. Not only did this cause huge financial losses, but the credibility of the system was severely compromised and a nation put under threat. The more recent global attack known as WannaCry used NSA backdoor access tools to install ransomware on millions of computers in order to extort money, and this threat is still ongoing.
In this complex technological environment, we cannot emphasise enough that training is vital. You must ensure that your staff are fully trained for the systems they use, that they understand clearly what cybersecurity is, and that they know how important it is to the proper functioning of your business. They must be trained to know how to prevent a cyber attack, how to identify a potential threat and what to do if a cyber attack does occur. This will not only benefit them with a better knowledge of the factory and its systems, but will also result in a better overall understanding of how cyber crime can impact a business.
Industry 4.0 is an exciting development and we are privileged to stand on the brink of a new frontier. It is our duty to ensure that we don't fall into the abyss of underestimating, misunderstanding, or not recognising the dangers that lie beyond it.
A study published in November 2018 by ENISA, the European Union Agency for Network and Information Security, identified 110 different security measures that should be instituted across 20 different security domains in industry, so the frontier is wide. The head of ENISA's Core Operations called it “a paradigm shift in the way industries operate” and one which “blurs the boundaries between the physical and digital world.”
Like the Pilgrim Fathers or the pioneers of the American Old West, we are setting out to discover a whole new world ahead, and we must be ready for the unexpected. The dangers are real and ever-present, but following these guidelines will give you a fighting chance against the constantly evolving ingenuity of hackers. In our increasingly connected world, improving cybersecurity in your factories is the best chance you've got to protect yourself and your business from the criminals who are out to destroy it.