Imagine the gains in productivity and profitability you’ll realize when you connect machinery to the Industrial Internet of Things (IIoT). More information means smarter decisions. And collective intelligence is better than siloed data.
Are you ready to share your data? I’m not talking about the cloud. I mean opening your data and your network and your controls available to anyone with a desire to access them.
Maybe someone in China or Russia has an interest in your equipment and controls. Maybe it’s the same individuals who were able to hack the U.S. federal government’s systems.
If you think you’re secure, you definitely are not.
A defense-in-depth strategy is a must, but that’s just to keep out the riff raff. The first rule of cybersecurity is to assume you will be breached. But how vulnerable are industrial computers to these threats?
“Cyber risks exist anywhere a connected asset exists, whether that asset is an industrial computer or another type of device,” explains Doug Wylie, CISSP, director, product security risk management, Rockwell Automation. “Cyber risks from both internal and external sources expand with each new connection. They create threats capable of disrupting not only specific devices, such as an industrial computer, but also the systems to which these devices connect. This includes potentially affecting control system operation, safety, productivity and the ability to protect assets, machinery and information. These threats have the potential to strike at the heart of a company’s reputation and its long-term viability.”
No single product, technology or methodology can fully mitigate cyber risks, says Wylie. “Protecting assets, including industrial computers, requires a defense-in-depth security approach to address internal and external security threats (Figure 1),” he says. “This approach utilizes multiple layers of defense—physical, procedural and electronic—by applying policies and procedures that address different types of threats—for example, multiple layers of network security to help protect networked assets and multiple layers of physical security to help protect high-value assets.”
Cybersecurity inhabits the day-to-day thoughts of manufacturers, and rightly so, as more and more data is stored and transmitted through cloud-based information systems, says Daymon Thompson, TwinCAT product specialist, Beckhoff Automation. “Fear surrounding hacking and data breaches has caused hesitance by some to adopt more connected information management tools,” he explains. “This is a giant mental block that can neutralize innovation, preventing some machine builders from implementing Internet of Things and Industry 4.0 concepts for smart factories. Today, extensive research, testing, and improvements are pushing security best practices to the forefront, helping assure that industrial data is kept safe.”
Machine security can be divided into three categories—direct local access, indirect local access and remote access, says Thompson. “Direct local access means that a potential attacker physically interfaces with the computer and interacts with it via attached input devices, such as a USB flash drive, mouse or keyboard,” he explains.
“Indirect local access means that the potential attacker cannot directly, physically interact with the device but has infiltrated the system by other, non-physical means. Remote access refers to a scenario in which a cyber criminal tries to attack the industrial controller from a remote location, such as through the local network. Network connectivity could provide a potential cyber criminal with more ways to compromise system security, as industrial controllers are becoming more and more connected to systems that reside in other connectivity layers, such as SCADA, MES systems or even the cloud.”