Cybersecurity company Trend Micro recently released a report on the state of industrial cybersecurity and the challenges facing manufacturers. According to the report, most manufacturers have experienced cybersecurity incidents in their smart factories and are struggling to deploy the technology needed to effectively manage cyber risk.
“Manufacturing organizations around the world are doubling down on digital transformation to drive smart factory improvements. The gap in IT and OT cybersecurity awareness creates the imbalance between people, process and technology, and it gives bad guys a chance to attack.” Akihiko Omikawa, executive vice president of IoT security for Trend Micro, said in a press release. “That’s why Trend Micro has integrated IT and OT intelligence and provides a comprehensive solution from the shop floor to the office. We’re helping put visibility and continuous control back in the hands of smart factory owners.”
The report includes the results of an online survey with 500 IT and OT professionals in the United States, Germany, and Japan. The survey indicates that 61 percent of manufacturers have experienced cyber incidents. Seventy-five percent of these companies have suffered system outages as part of the incident and 43 percent said outages lasted more than four days.
“Manufacturing companies play a part in the global supply chain and as can be seen from the report anyone that can penetrate the perimeter can then have a freehold of the internal network and can riot by not only impacting production by shutting systems down but also sabotage and contaminate product being manufactured,” says Bharat Mistry, U.K. technical director for Trend Micro.
In the Trend Micro survey, 78 percent of respondents identified technology as the biggest security challenge. Sixty-eight percent of respondents cited people and 67 percent cited process and the biggest challenge.
“Technology is the biggest challenge faced by manufacturers in each country,” says Mistry. “Manufacturing or plant network architecture does not factor in segmentation or zoning of systems and services. Everything is on one big flat network so that everything can communicate with each other with any security inspection or controls. This is ok when everything works, but if there was an infection like ransomware then this could spread very easily and rapidly without any barriers.”
Industrial Cyber talked to Mistry about the challenges facing manufacturers. He says the challenges stem from insecure authentication due to flaws from legacy design and the use of factory default passwords that have never been changed.
“The software and firmware of critical assets running legacy systems are no longer updated, meaning newly-discovered vulnerabilities will not be patched,” Mistry says. “Many control communication protocols are not encrypted, which also makes it easy for hackers to manipulate factory operations and disrupt production.”
Less than half of respondents in the Trend Micro survey said they’re implementing technical measures to improve cybersecurity. According to the report, asset visualization and segmentation were the least likely of cybersecurity measures to be deployed, which could indicate that these measures are the most technically challenging for organizations to implement.
“Over the last decade attacks on manufacturing systems have been few and far between. But in the last two to three years as manufacturers look at programmes like Industry 4.0 to get better business insight into operations and create new business models by connecting their manufacturing environments to enterprise IT and public cloud, we have seen a significant rise in attacks,” Mistry says. “Manufactures embarking on the journey to digital transformation and connecting previously closed systems to public internet and even third party suppliers do need to factor in the cybersecurity risks and put in a mitigation strategy that reduces the exposure especially to vulnerable systems and whilst still maintaining safety and availability.”
The report also indicates that organizations with a high degree of IT-OT collaboration are more likely to implement technical security measures than those with less cohesion. There was a particularly large disparity between organizations with high IT-OT collaboration versus those with little to no IT-OT collaboration in the use of firewalls, IPS, and network segmentation.
According to the report, standards and guidelines were cited as the top driver for enhanced collaboration in the United States , Germany, and Japan. The National Institute of Standards and Technology’s Cybersecurity Framework and ISO27001 were among the most popular guidelines cited by respondents.
“The approaches across the different countries are broadly similar in that all tend to focus on having a strong emphasis on the perimeter with decreasing measures on the internal network. In terms of controls we see the common set of network firewall, IPS and USB storage controls,” Mistry says. “In addition in the US we see antivirus ranking high along with vulnerability management. Also great to see that for regulated industry, standards such as NIST CSF are also widely adopted.”
The Trend Micro report concludes that while manufacturers are rushing to introduce technical cybersecurity measures in the factory, these efforts are still largely in the development process. Moving forward, the report indicates that involving both IT and OT in the decision-making process will be essential to addressing the challenges facing manufacturers.
“In recent years, many enterprises invested heavily on Industrial IoT and Industry 4.0 to transform their business operations,” says Mistry. “One key aspect to implement the IIoT is to digitalize and interconnect the industrial control systems so that big data can be utilized to create new business intelligence. Originally, ICS networks were physically isolated and almost immune to cyber attacks. With this transformation, more industrial systems are brought online to deliver big data and smart analytics through technological integrations. IT/OT convergence provides organizations with a clearer view of their industrial systems together with better process management. However, it also generates new cybersecurity risks due to the transition from closed to open systems.”