Three cybersecurity changes that manufacturers should implement

As connectivity increases, so does the level of sophistication in cyber attacks against manufacturers and other industries. Three security recommendations for manufacturers are highlighted.

10/29/2017


It is difficult to paint a rosy picture of security today, with the hike in sophistication and the broadened attack surface, the answers are not easy, but the reality is there are solutions and manufacturers can win out in the end.

 

"The systems you are in charge of are under attack," said Dr. Joel Brenner, MIT/Internet Policy Research Initiative (IPRI)-CIS during his keynote address at the Industrial Controls System Joint Working Group 2017 Fall Meeting in Pittsburgh, PA, in September. "The ability to carry out the attack are not only with nation states, but by well-funded attack groups."

That means critical sectors need protection, but keeping all the critical areas secure would not be possible.

"There are critical sectors and then there are really critical sectors," Brenner said, breaking the critical areas into four key sectors. "The four sectors are oil and gas, financial, electricity, and communications."

Recent attacks on the British national healthcare services, Ukrainian power suppliers, Saudi oil company Aramco, and Qatari gas enterprise Ras Gas demonstrate that there have been an increasing amount of assaults against critical infrastructure organizations.

While there are advantages to a more digital manufacturing enterprise, there are dangers.

Increased connectivity, digitization, and application of the Industrial Internet of Things (IIoT) can make companies more vulnerable to new types of attacks.

Brenner offered three security recommendations for manufacturers:

1. Key operations technology (OT) controls must be isolated from public networks if they are to be reasonably secure.

Not all networks need to be segregated, only key aspects of OT controls, he said. He admitted there are differences of opinion about appropriate degrees of separation. "Taking control off the Internet does not mean taking it away from digital," he said. "Not all functions need to be facing the public Internet. Some functions need to be locked up. There are lots of ways to figure out how to isolate."

2. Governments should support a market for simpler, safer control technology.

In this world, complexity is the enemy and malware is easy to insert into the millions of lines of code. In addition, he said, general-purpose microchips and general purpose controls are unsuitable for controlling sensitive OT. "If we are going to have simpler controls, there has to be a market for them—and it needs support from governments across the world," he said.

3. Market incentives must be realigned for cybersecurity.

Retirement of legacy systems should be a priority. Brenner said governments should create tax incentives to accelerate the retirement of legacy systems. When it all comes down to it, he said, "The most difficult cybersecurity challenges are economic and political—not technological."

He believes the main challenge in doing security research is to quantify network risk. There needs to be more facts and figures; the inability to quantify risk impedes security.

"The biggest issue of risk is not the silicon-based element in the computers, it is the carbon-based unit in the chair," Brenner said.

The industry has been working on security issues for 20 years and Brenner doesn't feel there has been any real difference in risk.

"We have been facing the consequences of 20 years of wishful thinking," he said.

"Cybersecurity is not getting any better. We have been walking backward on cybersecurity for 20 years. Your security may be better, but we are not more secure. We have got to understand the fundamental problems are political and connected to national will. Now is the time to be clear headed and honest with ourselves on the depth of the problem."

 

Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information Website covering safety and security issues in the manufacturing automation sector. This content originally appeared on ISSSource.com. ISSSource is a CFE Media content partner. Edited by Chris Vavra, production editor, CFE Media, cvavra@cfemedia.com.

ONLINE extra

See related stories from ISSSource linked below.



The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Factory automation controllers, Ethernet updates, System Integrator of the Year roundtable, Inside Process and VFDs
Robotic simulation and welding, Process building blocks, Discrete sensor advice, Virtualization advice
Maximize ROI with integrated control system approach; Microcontrollers vs. PLCs; Power quality; Accelerate and rewire IIoT; Traits for excellent engineers
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. As we know, PLCs aren’t the only option for making decisions in a control loop, but they are likely why you’re here.
This digital report explains how plant engineers and subject matter experts (SME) need support for time series data and its many challenges.
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
Cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Factory automation controllers, Ethernet updates, System Integrator of the Year roundtable, Inside Process and VFDs
Robotic simulation and welding, Process building blocks, Discrete sensor advice, Virtualization advice
Maximize ROI with integrated control system approach; Microcontrollers vs. PLCs; Power quality; Accelerate and rewire IIoT; Traits for excellent engineers
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. As we know, PLCs aren’t the only option for making decisions in a control loop, but they are likely why you’re here.
This digital report explains how plant engineers and subject matter experts (SME) need support for time series data and its many challenges.
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
Cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Factory automation controllers, Ethernet updates, System Integrator of the Year roundtable, Inside Process and VFDs
Robotic simulation and welding, Process building blocks, Discrete sensor advice, Virtualization advice
Maximize ROI with integrated control system approach; Microcontrollers vs. PLCs; Power quality; Accelerate and rewire IIoT; Traits for excellent engineers
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. As we know, PLCs aren’t the only option for making decisions in a control loop, but they are likely why you’re here.
This digital report explains how plant engineers and subject matter experts (SME) need support for time series data and its many challenges.
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
Cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me