Get the latest updates on the Coronavirus impact on engineers.Click Here
Cybersecurity

Securing manufacturing in a crisis situation

With remote work becoming the new norm, it's important to stay on top of cybersecurity measures. Check out some tips on how to protect yourself from a cyber attack.

By Gregory Hale July 27, 2020
Courtesy: Chris Vavra, CFE Media

A new and evolving remote worker is here to stay and, while he or she may end up with a hybrid model of what the “next normal” will be, one thing is for sure, this new environment is an opportunity hackers are salivating at to continue generating their ill-gotten bounty.

“We are in a crisis situation with COVID-19,” said Paul Didier, IoT manufacturing solutions architect said during his talk entitled, “Preparing Security and Virtual Work Environments for Crisis Situations” during the ROKLive virtual event held by Rockwell Automation. “We are adapting quite rapidly to this situation. Working at home is a reality, but most are developing a hybrid model. Companies are coming up with hybrid models like work from home and sometimes go into the office. This will be a model to work with in the future.”

The catch is however, while a good share of employees enjoy working from the friendly confines of home where they are just as productive if not more, working from the corner office in the downstairs den is creating more cyber risk.

“Working at the office leaves you more in control,” Didier said. “When working from home, much of the first connectivity hop is open network. You are inherently creating more risk, creating greater risk.”

That means the company information technology (IT) and security teams will have to support you from any connection they have to so they can:

  • Verify identity
  • Grant safe access to company applications and data
  • Protect data from threats
  • Make security frictionless.

For a secure remote worker, key considerations to allow for a secure environment includes multi-factor authentication, Didier said, adding that is a good way to alleviate risk.

“A VPN is a critical consideration to ensure encrypted communication,” he said. “DNS security is really critical because invalid sites have been used to steal credentials. End points do need to be secured. You will want to manage the end points and what is running on them very tightly.”

When it comes to securing the end point, Didier said ensuring workers have access to devices will allow them to continue to work. But, they don’t need access to everything. Make sure there is some level of access management.

In addition, with more workers off site, collaboration tools will be vital to work with others. These tools have to be pretty simple and easy to use and not take a lot of time, he said.

In addition, all devices with access to company resources should be fully patched, Didier said. Some devices are not compliant with organizational security polices, which means a security audit is in order.

On top of that, to add to the security layers, logging and passwords should be enabled as should screen lock features. That applies to employee-owned and corporate-owned devices.

On top of that, users must use sanctioned software from verified suppliers. Remote plant users should be using strict well-defined software, he said.

“We do not recommend people to use Remote Desktop Protocol (RDP) access when connecting to a plant network,” Didier said. “Instead, use a VPN to securely connect to the corporate network. Again, multi-factor authentication is a key consideration.”

Didier offered a few tips on how to protect yourself:

  • Look for a VPN
  • Look to deploy multi-factor authentication
  • Remote workers need to go to good, solid web sites
  • Don’t click on any attachments from unknown sources
  • Protect devices.

Along the lines of attackers taking advantage of the situation, breached records globally skyrocketed by 273% in the first quarter, compared to the year ago period with over 8.4 billion documents leaked, a new report found. The number of hacked or accidentally exposed files reached a record-high during the first quarter of 2020, according to a report by Atlas VPN.

In addition, Kaspersky research found the average number of daily web attacks have grown by 25% since January. In addition, specific threats that drove the increase included cookie-stuffing websites, as well as Trojan-PSW browser script modifications that infect e-commerce websites and steal credit card information.

Attackers also took special aim at newly-restructured corporate networks, hitting servers and remote access tools. The average daily number of brute-force attacks on database servers in April was up by 23% from January, according to Kaspersky research.


Gregory Hale
Author Bio: Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information website covering safety and security issues in the manufacturing automation sector.