Manufacturing Security: Managing Machines in Motion
The manufacturing industry — including, but not limited to, automotive, electronics, food and beverage, textile and pharmaceutical companies — depends on production processes running at optimum efficiency to satisfy market demand. What happens when these processes are altered unintentionally or maliciously? The consequences could range from financial loss due to lower productivity to employees being subjected to dangerous work conditions.
Industrial control systems (ICS) consisting of servers that could appear on any network are key to keeping production lines running smoothly. Security gaps exist in many ICS networks because their focus has been primarily on performance and safety, not necessarily cybersecurity.
These systems have also been growing in complexity over the last several years, resulting in large, specialized network infrastructures. Typically, there isn’t a consistent security policy across all systems, which adds to the challenge of managing these complicated environments.
Multiple Layers of Risk in Manufacturing
Manufacturers are also at risk of being the target of industrial and economic espionage, with intellectual property as the prime prize, along with internal operational information. Both offer the potential for significant financial reward to threat actors targeting the industry. Trade secret theft appears to be escalating, and the potential points of entry are multiplied by extensive networks of supply chain partners.
The supply chain can also be the weak point for attacks on the products themselves. For example, the firmware for a vehicle electronic control unit (ECU) could be maliciously modified to malfunction, or an attacker could install a Trojan in the software for an in-vehicle entertainment system. It is important that supply chain managers understand how their suppliers’ cybersecurity practices could affect them and take steps to mitigate those risks.
Prevalent Attack Types
Although running industrial control systems can pose certain security challenges, the manufacturing industry is also affected by the same mainstream attack vectors that most other industries experience. Phishing, drive-by downloads, SQL injection attempts and distributed denial-of-service (DDoS) attacks are all plausible choices on the attack vector menu.
Manufacturers strive to keep their cost footprint down in order to make the highest profit on their products. The challenges of the modern production environment, coupled with the expense required to keep infrastructure secure, can put a strain on competitiveness.
A new IBM research paper focuses on the top attacks detected against this industry in 2015, along with a geographical representation of their origins and targets. We also take a look at how to reduce the attack surface in production ICS environments as well as some general manufacturing best practices to strengthen network controls and policies.