In the previous article of the ‘Fit for the future’ series we looked at how to check your level of readiness and begin to map out the first steps to buck the trend and start on a path of innovation that will lead to operational improvement. In this post, entitled “Mitigating cyber-security threats”, we look at the potential threats to your business and how to mitigate them.
As the reliance on technology increases in manufacturing operations, the boundaries between IT and traditional OT have become more blurred. Standard hardware and software platforms replace the proprietary and legacy equipment of the past and virtualisation has enabled us to centralise the manufacturing servers that used to litter the desks and floors of control rooms and scale well beyond what we would have ever considered possible 10 years ago. In addition, the insatiable demand for data requires greater connectivity which has seen control system networks gradually connected to the business IT networks. What used to be ‘never the twain shall meet’ is now fully converged.
As a result, we are much more vulnerable to cyber-security threats than we ever were in the past, and these threats do not only arise from phishing attacks and ransomware from nefarious individuals who lurk in the shadows in the Far East or Russia. We could be just as vulnerable to threats initiated unintentionally by actors within our organisation, as a result of nothing more than a lapse of concentration.
Recently publicised cyber-attacks such as those on Colonial Pipeline in North America and Acer in Taiwan demonstrate how vulnerable we are and the devastation and disruption such attacks cause an organisation. It is reported that Colonial Pipeline paid a $4.4m ransom after a six-day shutdown to enable operations to resume.
It is therefore more important than ever that your manufacturing systems are kept up to date. Having the latest versions of software running on the latest operating systems at least allows you to keep up to date with patching. If you continue to run Windows NT or Windows XP because your manufacturing software is not compatible with the latest operating systems or computer hardware, upgrade it!
Many ransomware attacks exploit vulnerabilities in older operating systems and software applications that are no longer supported or patched. The days of disabling antivirus programmes because they interfered with control system software are over; running the latest applications and operating systems ensures that antivirus updates and system patching can be carried out in the same way as on traditional IT systems.
Removing the computer hardware from the control rooms by virtualising the servers and replacing workstations with thin clients also adds a layer of physical protection against the unintentional actor, removing the opportunity to insert USB drives into critical system computers. Having this equipment in the IT environment also means the systems are more likely to be backed up as part of your regular IT backup process, streamlining any potential disaster recovery.
Implementing a segmented network, with individual subnets used to separate functional areas, can satisfy the need for greater connectivity as the demand for more visibility of data increases. This will help to reduce network congestion and contain network problems, whilst improving security by permitting access to network segments based on access needs and limiting the potential surface area of an attack.
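The segmentation described above can be checked against real traffic. The following is an added example, not part of the original article: it audits flow records against a default-deny, zone-to-zone allow-list. The zone names, subnets, ports and flow records are all constructed assumptions for illustration.

```python
import ipaddress

# Constructed zones: one subnet per functional area (assumed addressing plan).
ZONES = {
    "business_it": ipaddress.ip_network("10.10.0.0/16"),
    "dmz_historian": ipaddress.ip_network("10.20.0.0/24"),
    "scada_servers": ipaddress.ip_network("10.30.1.0/24"),
    "plc_cell_a": ipaddress.ip_network("10.30.10.0/24"),
}
# Access needs as (source zone, destination zone, destination port).
# Any cross-zone flow not listed here is denied by default.
ALLOWED = {
    ("business_it", "dmz_historian", 443),     # reporting users read historian data
    ("scada_servers", "dmz_historian", 8443),  # SCADA pushes data up (constructed port)
    ("scada_servers", "plc_cell_a", 502),      # Modbus/TCP polling of the PLCs
}

def zone_of(addr):
    """Return the zone containing addr, or None if it is outside every subnet."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return None

def check_flow(src, dst, port):
    """Classify a flow: 'intra-zone', 'allowed', 'violation' or 'unknown-zone'."""
    s, d = zone_of(src), zone_of(dst)
    if s is None or d is None:
        return "unknown-zone"
    if s == d:
        return "intra-zone"
    return "allowed" if (s, d, port) in ALLOWED else "violation"

# Constructed flow records (src, dst, dst port), as exported from firewall logs.
SAMPLE_FLOWS = [
    ("10.10.4.25", "10.20.0.5", 443),     # office PC -> historian: permitted
    ("10.30.1.10", "10.30.10.21", 502),   # SCADA server -> PLC: permitted
    ("10.10.4.25", "10.30.10.21", 502),   # office PC -> PLC directly
    ("10.30.10.21", "10.10.4.25", 445),   # PLC cell -> office file share
    ("192.168.1.7", "10.30.1.10", 3389),  # source outside every defined subnet
]

def audit(flows):
    """Return the flows that break the segmentation policy, with their verdict."""
    results = [(s, d, p, check_flow(s, d, p)) for s, d, p in flows]
    return [r for r in results if r[3] in ("violation", "unknown-zone")]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Flows reported as violations point either to a missing firewall rule or to an access need that should be reviewed before it is added to the allow-list.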
It’s also important to work with partners with a great deal of understanding of the potential threats and how to mitigate them. The capability of the system integrator to advise in terms of best practice for system architectures, network architectures, update and patching regimes, backup strategies and virtualisation is paramount in mitigating cyber-security threats.