Top cyber threats that impact smart factories

As we move towards a digital economy, manufacturing firms are increasingly turning to technology to enhance production efficiency and accelerate their response to meet the rapidly evolving needs of customers. With a heavy focus on interconnectivity and automation, modern smart factories are heavily digitalised and equipped with a plethora of cutting-edge systems.

Of course, the rise of digital technologies also brings a new level of cyber complexity to factories. Like all interconnected digital systems, smart factories are vulnerable to cyber security threats. This pertains not just to the IT systems but includes underlying systems such as programmable logic controllers (PLC) and embedded systems. What are the additional risks, and does the manufacturing industry have adequate cybersecurity programmes in place to prepare for the expanded risks?

The cyber threat to smart factories is real and growing. According to the Deloitte and MAPI Smart Factory Study, 4 in 10 manufacturers surveyed indicated that their operations were affected by a cyber security incident in the preceding 12 months¹. Yet a significant number of manufacturers have yet to build the requisite cyber security capabilities to secure some of their business-critical systems.

Deloitte suggests that manufacturing companies rectify this situation by managing their IT systems alongside the control systems that make up the operational technologies, also known as OT systems. Securing OT systems is vital as security is typically not covered in service-level agreements signed with system integrators and equipment vendors of OT systems. Moreover, aspects of security are often overlooked when implementing advanced technologies as part of new smart factory initiatives.

While a cohesive security strategy is one step, here are some ways that malicious cyber intruders can gain a foothold into a smart factory.

● Malware: Malware is the most common attack strategy used by cyber attackers and entails the infiltration of malicious software that either run surreptitiously in the background or Trojans that masquerade as legitimate apps. They might be installed through a variety of methods, including by social engineering efforts.

● Software vulnerabilities: Another way that threat actors can gain entry is by exploiting vulnerabilities in software to gain illicit access to connected systems. Once a beachhead is formed, additional reconnaissance efforts can reveal additional vulnerable systems which can be attacked and similarly compromised.

● Device compromise: OT hardware systems can similarly be compromised through known vulnerabilities or poor access control. Older systems tend to fare particularly poorly, which is why it is generally considered a good idea to segregate and shield OT networks.
 

How can manufacturers protect themselves against the various threats arrayed against them as they gear up for Industry 4.0? Though modern cyber-attacks can be insidious and often utilise multi-pronged attack vectors, it is possible to mitigate the risks of security breaches by adopting the following steps.

For a start, it is important to ensure that software updates are regularly applied, and security patches rigorously applied. Connected devices should be properly inventoried and monitored in real-time for unusual activity that might signal that they have been compromised.

A vital next step is to develop a cyber response plan that can be implemented in the event of a cybersecurity breach. As outlined by Gartner², an operational and effective incident response (IR) plan should include documenting the mission statement as well as the defining roles and responsibilities of those involved in the IR plan. Crucially, a good IR plan should include a formal post-incident learning process to reduce the likelihood of a recurrence.

Finally, manufacturers should leverage the expertise of cyber security professionals to conduct either a risk assessment or penetration testing – or both. The latter can serve to identify potential vulnerabilities and threats, allowing the security team to remedy the problems ahead of an actual cyber-attack. Penetration testing also offers a chance to test out the IR plan, and if necessary, to improve it.

See the unseen with trusted cyber security experts    

Daunted by evolving cyber threats and the rising costs of in-house security? Cyber security is an industry-wide problem, exacerbated by rapid digitalisation and constantly evolving threats. To help organisations, cyber partners can offer businesses and manufacturers greater visibility into their networks and digital systems.

With services that include around-the-clock managed detection and response, businesses can power their defence against evolving threats 24x7.

Speak to us to find out more.

¹Deloitte, Cybersecurity for smart factories, 2019.

²Dark Reading, How to Create an Incident Response Plan From the Ground Up, 2021.