The current pandemic has modified daily interactions drastically, turning face-to-face activities into distant, digital-centric encounters. From remote working to social distancing, industries are rapidly adapting to the new normal. Factories are no exception and are currently adapting to the new necessities in the wake of COVID-19. Below are two examples of changes that factories have implemented.
- Accelerated Shift to Automation: Worker-reliant factories are speeding up their transition to automated assembly lines to reduce the impact of employees being unable to go to work due to the pandemic. However, as automation requires more devices to be connected to the Internet, the risk of cyberattacks has increased immensely.
- Scale Up Information Security: Previously, all production equipment and personnel were located within the factory, but recently factories are being operated remotely. When people start to work remotely, the cybersecurity measures within the factory need to be extended to cover any devices that employees use remotely, as these devices are particularly vulnerable to cyberattacks.
In response to these risks, Moxa’s Jesse Ku, an industrial control system cybersecurity expert, who is also IEC 62443 certified and has worked on securing national critical infrastructure for several years, has proposed a five point "S.M.A.R.T.” cybersecurity strategy:
- Scan what you want to secure: Within the cybersecurity field, the most common method to enhance security is often the most effective for protection. By regularly scanning the computers and control equipment in the factory with antivirus software for viruses, unplanned updates, and malware, the risk of unexpected downtime can be greatly reduced. With remote working now more common across the manufacturing sector, this first line of defense must be extended to any devices employees use remotely to ensure total coverage.
- Manage security architecture: It is essential that the networks in a factory are stable and easily manageable. The defense-in-depth concept preferred by information security experts, which consists of multi-layered security control protocols, is often overlooked due to its complexity. However, as factories start investing heavily in automation, cybersecurity management, such as network segmentation, which often involves setting up a firewall between the automation equipment and the management server, becomes a necessity. In order to increase the security of any sensitive information, these protocols should be implemented quickly.
- Accelerate patching: In the past, there were two main guiding principles for factory operation: ensure the safety of personnel and maintain stable production. Unfortunately, software updates provided by equipment manufacturers are often ignored if the production equipment remains functional. This oversight in security patching can have catastrophic consequences as the software remains vulnerable and allows for cybersecurity breaches. According to a report by Trend Micro, since 2014, cybersecurity breaches relating to the way information is stored in industrial control equipment has increased dramatically. It is important to always bear in the mind that software vulnerabilities can have dire consequences if they are not attended to immediately.
- Remote control security: As working from home becomes the new normal, remotely connecting home computers to the company servers happens frequently. However, this presents significant cybersecurity concerns. Thus, connection security and authentication mechanisms, such as multi-factor authorization (MFA) and user authentication, should be implemented to significantly reduce the threat of cyberattacks.
- Teach everyone: The most secure network requires the participation of each individual who accesses the network. By educating everyone on the significance of network security via appropriate training courses, the reasoning behind certain decisions, and the related changes for the protocols, will increase the chance that the security policy is successful. Furthermore, armed with a full understanding of the changes to come, employees can smoothly adapt to the new security framework and regulations.
As automation technologies continue to improve, any aging OT network equipment will become more of a burden as the equipment is much more vulnerable to security vulnerabilities. Unfortunately, these security loopholes coupled with the lack of security training for factory personnel has left factories vulnerable to malicious attacks. In June 2020, a server at the automobile manufacturer Honda, was subjected to a cyberattack. The attack shut down many of the company’s factories located in different countries. Thousands of employees had to go home and wait for the system to resume operations. Another example is Norsk Hydro, a global leader in producing aluminum, also suffered a malware attack in 2019, resulting in an emergency switch from automated to manual operations at the main production line. It took Norsk Hydro more than one week to get their production back to normal capacity, causing estimated losses in excess of USD 75 million.
As factories gradually become more automated and smarter, it is essential to perform a careful review of their current security strategy. The pandemic has changed not only our social norms but also the way we work. As working remotely becomes the new norm, the future of network security will be a new and critical frontier for every manager of a smart factory.
Learn more from our ISA cybersecurity expert’s white paper: Can a Solution Provider Handle Industrial Cybersecurity? 8 Questions to Ask
1. “Secure Smart Factories-Threats to Manufacturing Environments in the Era of Industry 4.0”, Trend Micro, 2019.