In 2022 the manufacturing sector suffered the largest share of cyberattacks of any industry worldwide. The main reason for this was the convergence of information technology (IT) and operational technology (OT), which exposed OT infrastructure to new cyberthreats; but modern manufacturing cannot quarantine itself from the outside world if it wants to remain competitive.
A new threat to smart manufacturing systems
The rise of smart manufacturing has seen a growing number of cyberthreats in the industrial sector as an unintended consequence of the convergence of IT and OT. While this achieves better efficiency and creates greater value, it also exposes traditionally isolated OT systems to all kinds of cyberattacks. The combination of an ever-expanding threat landscape with the extremely low tolerance of manufacturing organisations to downtime makes them a high profile target.
A deeper look at the types of industrial applications that have been targeted reveals some common challenges and some clear areas for improvement. Let’s take a look at practical examples of industrial applications, how cyberthreats can affect them, and how their vulnerability to cybersecurity risks can be mitigated.
Real-time facility monitoring
Applications requiring real-time monitoring and control of large-scale industrial networks are increasingly susceptible to cyberthreats. These generally involve the deployment of many connected devices across a wide area to collect, send and analyse large amounts of data from the field at the control centre. Consider the following cybersecurity concerns:
• Hundreds of PLCs and sensors at the edge need to be connected to collect data about manufacturing facility conditions and to optimise energy usage. Each of these devices is a new node that could potentially fall prey to cybersecurity attacks, such as unauthorised access or malware attacks.
• Vulnerabilities are amplified when these networks expand and aggregate large numbers of edge devices into the distribution layer. If the network is not properly segmented, the whole network is vulnerable when just a single node is compromised.
For these applications, operators should consider a defence-in-depth approach. This involves selecting secure devices, building robust network defence layers, and identifying the network status to ensure network security and availability. Selecting security-hardened devices that have passed international security certifications, or have security functions based on internationally recognised standards such as IEC 62443 and NERC CIP, can provide solid building blocks when adding new network nodes. Segmentation and threat prevention provide another layer of protection to guard against attacks and help prevent unwanted intrusions and threats from propagating to other network nodes. Last, but not least, constantly monitoring the security status of your network nodes allows you to stay aware and respond to any issues or abnormalities.
Industrial machine integration
Another manufacturing application that is vulnerable to cybersecurity threats is the integration of industrial machinery into networks for optimised management. Traditionally, industrial engineers would build a closed network environment and use similar patterns to assign IP addresses to machines. However, the ability to control and manage industrial machinery remotely requires industrial networks to be connected to the internet. When these traditionally isolated machines need to be connected to a centralised management system, using the same pattern to generate IP addresses for all machines can result in IP conflicts and may cause network downtime. All machines will need their IP to be reconfigured, a time-consuming task that can easily result in security vulnerabilities. Furthermore, when they are connected over an internet-enabled public network, they are exposed to all types of new cyberthreats. Predictable IP addresses, in particular, can quickly become a target for cyberattacks.
Simplified management and enhanced security can go a long way in addressing these vulnerabilities. For example, system integrators could take advantage of network address translation (NAT) technology to protect IP addresses from prying eyes, and streamline device integration. More recent hardware solutions also offer embedded mechanisms for intelligent threat prevention that automatically block data coming from unauthorised IP addresses. When combined, these tools provide another robust layer of protection for machine networks.
Overcome OT networking hurdles
As you converge your OT and IT networks on the path to digitalisation, your network security must evolve to face emerging new cyberthreats. Regular monitoring of network infrastructure and keeping protection mechanisms up to date are vital parts of a dynamic security policy to protect connected systems and reduce costly downtime; but OT engineers might have limited training or experience in the latest IT, which makes it challenging to keep their systems intelligent and secure at the same time.
To defend against cyberthreats, it is crucial for system integrators and industrial operators to futureproof their manufacturing networks with integrated industrial networking solutions, and employ a defence-in-depth approach designed for OT engineers.
| Tel: | +27 11 781 0777 |
| Email: | [email protected] |
| www: | www.rjconnect.co.za |
| Articles: | More information and articles about RJ Connect |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version