Imagine having to put rubber boots on to fix the damage from a cyberattack. This act was a reality for researchers at a simulated coal plant in Sweden, where a paid penetration tester proved the vulnerability of the plant’s physical systems by tampering with its cooling system.
It took hours to wade through the resulting pool of water and remove the compromised logic controller that caused the flood.
Industrial facilities – which might consist of manufacturing assembly lines, coal or nuclear power plants, wind farms, and more – are now comprised mostly of digitized components. A robot arm, for example, may have a PLC directing its movements and multiple WiFi-connected IIoT sensors providing feedback on its speed and operating temperature. These devices are critical to modern manufacturing, but they also present windows of opportunity for attackers to take control.
Imagine some of the following scenarios:
- A hostile foreign power takes control of the electrical grid and starts turning off the lights.
- A hacker compromises the assembly line of an auto manufacturing plant and prevents the industrial machinery from fully tightening bolts in certain cars.
- A ransomware virus hits a wastewater treatment plant, preventing the organization from processing sewage until they pay a ransom.
These examples haven’t taken place yet, but without a greater security commitment from manufacturers and other industries, it’s only a matter of time.
What Makes Manufacturers Vulnerable?
The recent addition of digital controls to manufacturing equipment is having some unintended consequences. For example, one recent innovation is the use of mobile apps to control or monitor SCADA systems. While these apps might be convenient for engineers, researchers recently discovered flaws that would allow an attacker to compromise these apps and then take over equipment.
Other problems include the fact that administrators of operational technology (OT) may not be familiar with best practices for controlling information technology. Therefore, some flaws that might seem obvious to an IT admin aren’t so visible. Another example shows at least 1000 vulnerable Siemens programmable logic controllers (PLCs) connected directly to the general-purpose internet – most without authentication. An attacker wouldn’t even need to log in to cause havoc.
Lastly, while some manufacturing and industrial infrastructure is protected by common sense measures such as antivirus, others aren’t. Many industries still rely on obsolete air gaps, for example, to protect their equipment. Even those industries who have already invested in security solutions might find themselves unprepared to defend against nation states or sophisticated criminal organizations.
How to Prevent Industrial Cyberattacks
As of 2017, there are over 64,000 unguarded, internet-discoverable ICS devices floating around the web, each one potentially connected to critical infrastructure and manufacturing equipment. They collectively contain hundreds of vulnerabilities, including nearly 200 discovered just last year.
What manufacturers need is a way to connect their equipment to network devices in a safe way – one that leaves them impervious to discovery and co-option by attackers.
Safe-T Provides the Solution
Our Software-Defined Access suite allows connected devices to securely access the network, while also hiding them from being discovered on the internet, stopping 100% of unauthorized traffic. For manufacturing and infrastructure companies, this means the ability to modernize capital equipment without the risk that hackers will find and take over your equipment. According to Gartner, this technique could deflect up to 70% of attacks – and possibly stop the first industrial cyberattacks before it starts. For more information, contact Safe-T today.