3 steps to protect your manufacturing operations from cyber-attacks

Cyber-attacks are on the rise, and manufacturers are amongst the key targets. Chris Borrowdale, IT Manager at Cimlogic, discusses the threats and outlines the steps you can take to minimise the damage to production and brand reputation.

1. Have secure remote access

The home is where the heart is, it is a place where we should feel safe and secure, and where we value the people and things in it the most. The front door can be used by staff when on site, who use computers to access the network. These are our family, they are identifiable and least likely to hurt us or take our things. They have keys to get in through the front door e.g. RFID, photo-ID badges or simple good old-fashioned keys and locks to allow them through the edge of the network.  We know who has been given a key, we also know that we can change the locks, user accounts can be disabled, entry fobs deactivated, and a computer connected to our internal LAN of course can be controlled. The back door could be used by a contractor, somebody who is known to us but not family and is only granted limited access to our home. When something needs maintaining under a support agreement, provided by a third party, it is more efficient for them to gain remote access without necessarily needing to be physically on site. So, what about those windows? It’s not usually how we gain access to our homes, but these are things such as leaky WiFi signals which allow connections onto our networks from people with a laptop sat in a car parked on the street outside. How comfortable would you feel if an unknown person had access to your home, day and night? You wouldn’t lose control of who has access to your property, so why lose control of your IT networks? Securing remote access includes areas such as VPNs, passcodes and passwords, two form factor authentications and, of course firewall technologies.  Ensuring that all usual entry methods are secure, by knowing who has access, when they have access, and through what entry methods, will reduce the threat of attack.

2. Keep control of your IT Networks

SCADA and PLC systems have traditionally run on an air-gapped network, often referred to as the OT network, as opposed to the IT network. However, this air-gap is now being removed with a view to getting direct data from the factory floor into ERP or MES systems, and in-front of end-users who wish to use this big data analysis to drive efficiencies and productivity to trend and inform decision making. Once control of network systems has been achieved, the possible implications could be huge. For example, a small conveyor on a production line could be made to run too fast, causing products to be filled incorrectly, or made to stop, causing a blockage or downtime. A mixer in a pharmaceutical plant could have highly sensitive recipe intellectual property stolen or worse still, it could be adjusted so that potentially hazardous product was produced. If network monitoring hadn’t alerted to the intrusion attack, this product could leave the production line, causing physical injury to those consuming the product and not forgetting the huge damage to brand reputation. Ovens in a food processing plant could be turned on or off, temperatures could be put up or down, resulting in a catastrophic fire or explosion. Keeping control of your IT networks is imperative in protecting the overall security of your production environment.

3. Always apply patches and updates

Security of your production lines are at risk, now that we are no longer air-gapped. Software patching alone would have prevented the vast majority of damage caused by the recent ransomware and malware attacks. Keeping patches up to date, is the simplest way to reduce the risk of an attack. By not applying the relevant patch, you might be leaving the door open to a malware attack. If your boiler at home needs fixing and runs the risk of a water leak, would you ignore the signs or call for a plumber to fix the problem? The plumber may suggest an annual service to check that the boiler is working properly, to identify any parts that may need to be upgraded or replaced, all to ensure that the boiler is operating as efficiently as possible, whilst reducing the risk of malfunction and damage to your property. Should the same principle be applied to production system software patches and upgrades? Many tools exist to assist in patching and testing patches before releasing to the production environments, and it really is the simplest way to reduce risk.

Watch the Cyber Security Webinar recording on our YouTube channel https://youtu.be/kS2vQvcGPWQ

If you have any security concerns or would like to discuss how to increase the security of your systems further, please get in touch with one of our IT security experts. Call us on +(0)1274 599955 or email: enquiries@cimlogic.co.uk