Secure the Heartbeat of your Manufacturing Facility

Operational Technology (OT) is the heartbeat of a smart manufacturing facility. As companies integrate their hardware and software, the possibilities for management, maintenance, quality control and scalability are endless. Despite the endless possibilities, manufacturers also have to be wary of cyber criminals and their increasing ability to remotely cripple operations.

Traditionally, the manufacturing industry were concerned of cyber threats affecting their IT departments which typically run only within their office environment. However, with operational technology or OT which now manages their production floors, manufacturers have to scale up their cyber security capabilities to avoid forced downtimes or interruptions to their production workflow.

Typical OT Machines or legacy machines as they are commonly known are also susceptible to cyber-attacks due to inherited vulnerabilities. Despite their humble beginnings being standalone or single purpose machines, the installation of IoT tracking devices which enables it to be included into the overall industrial control systems leave the machines exposed to cyber security issues.

I am going to address some common queries on cybersecurity for operational technology:

1) What is the difference between IT and OT cybersecurity?

• IT focuses on Data Confidentiality vs OT is focused on Health, Safety & Environment (HSE) and production.
• Response time is for IT is important vs for OT it is Critical.
•  IT uses standard protocols vs OT uses both standard and industrial protocols
• Rebooting is acceptable to IT vs rebooting is unacceptable for OT.
• IT is for office environment application vs OT is built for Specialized Industrial environment application.

2) What kind of cyber threats affect operational technology?

The cyber threats are similar to those that affect IT but the scale and possible loss incurred by the attack can differ for each production floor. Machines can be remotely shut down or industrial control systems can be manipulated causing downtime, loss of revenue and reputation damage to your brand.

Most common threats include ransomware where the criminal remotely locks your system and demands money in exchange for an encryption code; malware remotely planted in your OT systems; phishing of data from open portals. Some notable incidents in a large scale are “Stuxnet”, an espionage and or sabotage incident infiltrating the OT environment of Iran’s Centrifuges in (2010). Similarly, “Shamoon” is a malware that erases data e.g. Saudi Aramco, 30,000 computers wiped of their data back in 2012.

3) What kind of cybersecurity solutions should a manufacturer be looking at?

• Inventory and Control of Hardware and Software Assets within the OT network.
• Continuous Vulnerability Management.
• Controlled Use of Administrative Privileges.
• Secure Configuration for Hardware and Software on the ICS/OT network.
• Maintenance, Monitoring and Analysis of Audit Logs.

4) What are cybersecurity protocols?

Cybersecurity protocol is your PLAN to secure your operational technology. This PLAN needs to be comprehensive including all possible threats your production floor may face, vulnerable links in the system, detection process, analysis of attempts and system usage, consistent risk assessment programmes, regular reporting, employee training on best practices, documenting evidence and more. These protocols must be customised to your production facility as each floor is different due to the technology deployed.
Manufacturers cannot take cybersecurity lightly in their new connected environment as ignorance can cause much financial and reputation loss that will take more money and time to re-establish. Stay vigilant and secure your production facilities NOW.