Since industrial networks are primarily built and expanded to address growing business demands, it may be easy for administrators to overlook common system vulnerabilities. For example, when adding a device to a newly built or expanded network, do you know which industrial Ethernet switches have unlocked ports? Or, do you simply connect new devices without a second thought?
It must not be forgotten that ignoring common system vulnerabilities in today’s world could put your entire network at risk.
Stage 1 vulnerabilities: exploration and infiltration
Recall the last time you logged onto your network. How complex was your password? Although weak passwords may be easier for busy administrators to remember, they are also easier for malicious actors to crack through a brute force attack. By scanning your network, hackers can identify open ports and infiltrate your network just like a burglar entering through an unlocked gate.
How to mitigate
One of the simplest ways to enhance your network security is to ensure that users create a sufficiently complex password to reduce the likelihood of an attacker guessing your credentials by brute force. For additional security, you should also consider a login failure lockout mechanism that limits the number of unsuccessful login attempts, which may indicate a brute-force attack. To protect your network from port scanning, you can create a whitelist of ports that are accessible through your firewall and also disable WAN pinging.
Stage 2 vulnerabilities: utilisation and network control
During the second stage of a cyberattack, the malicious actor has already infiltrated the network and is using resources on the network for their own purposes. Even though they are not actively wreaking havoc on the network, they are secretly gathering information and laying the groundwork for a more harmful attack.
How to mitigate
To limit the attacker’s ability to move throughout your network and commandeer your devices, we recommend network segmentation and traffic control. For example, you should partition your network into smaller segments and control the communications that pass through these segments. In addition, deploying whitelist control to prevent command injection can also limit the severity of the security breach.
Stage 3 vulnerabilities: services and data disruption
Stealing or destroying critical business data from networks will be costly and harmful to any organisation. However, these malicious actions are far from the worst-case scenario of a successful cyberattack. During the last stage of a cyberattack, the hacker is no longer studying networks but actively causing damage.
During stage 3 of a cyberattack, the hacker could make a machine or network resources unavailable to authorised users by temporarily or indefinitely disrupting services on a host. This is typically called a Denial of Service (DoS) attack, which involves flooding a targeted machine in an attempt to overload it with pings. Furthermore, a hacker could unleash malware, including ransomware to deny you access to your network resources until a ransom is paid.
How to mitigate
Although damage has already been done by the time the cyberattack reaches stage 3, you can still mitigate the overall harm to your network by ensuring sufficient DoS or DDoS (distributed DoS attacks that involve multiple systems) protection and deploying industrial IPS (intrusion protection system) for ransomware and other malware. You should also maintain reliable system backups and blacklist unauthorised protocols to minimise data loss.
Buildings in Africa’s urban evolution Schneider Electric South Africa
IT in Manufacturing
Africa is now an urban continent. How does the continent mobilise to accommodate urban dwellers and maintain and implement critical infrastructure that allows for this expansion? Building management systems provide a tangible solution to optimise resource use, lower operations costs and ultimately contribute to a growing continent that also employs green practices.
Read more...Black Rock Mining centralises mining operations with AVEVA
IT in Manufacturing
Black Rock Mine Operations replaced and upgraded its existing infrastructure, and installed additional capacity to expand production from 3 to 4,6 million tons in three years. The new system is powered by a suite of AVEVA solutions.
Read more...The strategic role of technology in today’s economy
IT in Manufacturing
In an era of economic uncertainty and persistent market volatility, businesses are under immense pressure to manage costs while maintaining operational effectiveness. The role of chief information officers and chief technology officers has never been more critical, as they are tasked with leveraging technology not just as a tool for efficiency but as a strategic asset in navigating these turbulent times.
Read more...Minutes to meltdown: surviving a cyber attack
IT in Manufacturing
Commvault recently hosted its Minutes to Meltdown event. Led by the company’s security experts, this was an interactive and detailed ransomware attack simulation designed to help companies understand how to respond in the event of a cyber attack.
Read more...Siemens elevates automotive and aerospace simulation Siemens South Africa
IT in Manufacturing
Siemens Digital Industries Software has announced the latest update to its Simcenter portfolio, delivering advancements in aerostructure analysis, electric motor design, gear optimisation and smart virtual sensing. These enhancements are designed to streamline workflows, accelerate certification and provide deeper insights into system performance.
Read more...Automation in 2025: Navigating manufacturing innovation without the risk
IT in Manufacturing
During 2025, a wave of innovative technologies is expected to disrupt and change the way IT is applied to automation systems. The challenge lies in balancing the reliability of proven techniques with the potential of new technologies, all while minimising and controlling risk. This article explores ways to approach the latest information technologies effectively in a manufacturing context.
Read more...South Africa’s AI revolution is here – but are we secure?
IT in Manufacturing
South African businesses are sprinting to embrace generative AI, lured by its potential to drive efficiency, productivity and innovation. But here’s the stark reality: without a rock-solid cybersecurity foundation, AI will become a Trojan horse, opening the floodgates to sophisticated cyber threats.
Read more...Shaping data resilience strategies with AI and hybrid cloud solutions
IT in Manufacturing
In today’s rapidly evolving digital landscape, organisations are under growing pressure to secure their operations against increasingly sophisticated cyberthreats, including those that leverage AI to enhance the success rate of attacks. In this landscape, it has become essential to ‘fight fire with fire’ – harnessing AI as a means to counter these threats.
Read more...Advancements in wire rope testing
IT in Manufacturing
Being able to get instant, real-time and portable detection of wire rope flaws can make a significant difference for operational teams. There have been a number of significant technological advancements and tools entering the market that help wire rope operators detect and resolve problems faster.
printer friendly version