Cybersecurity in the Age of Industry 4.0

Industry 4.0 and the smart factory

McKinsey defines Industry 4.0 as “the next phase in the digitization of the manufacturing sector, driven by four disruptions: the astonishing rise in data volumes, computational power, and connectivity, especially new low-power wide-area networks; the emergence of analytics and business intelligence capabilities (BI); new forms of human-machine interaction such as touch interfaces and augmented-reality systems; and improvements in transferring digital instructions to the physical world, such as advanced robotics and 3-D printing.”

With Industry 4.0 comes “the smart factory.” More than just the latest buzzword, the smart factory is a confluence of trends and technologies that are reshaping the way things are made and revolutionizing the way factories function. Industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, big data, the Internet of Things (IoT), the Industrial Internet of Things (IIoT), smart and self-learning machines, advanced analytics, robotics, and cognitive computing all fall under the Industry 4.0 umbrella.

Digital transformation in the industrial sector continues apace as Industry 4.0 gains momentum. KPMG predicts enterprises will spend $232 billion on automation by 2024. And BI Intelligence estimates the number of connected machines in manufacturing environments will increase from 237 million in 2015 to 923 million in 2020. However, willingness to embrace the potential productivity benefits of digital transformation also means accepting and mitigating new risks – and these risks are real.

Cybersecurity as a key enabler of adoption

There’s a lot to be gained by adopting Industry 4.0 technologies, so why hasn’t adoption kept pace with expectations? The answer is simple: security.

As it continues to adopt Industry 4.0, the manufacturing industry becomes an increasingly appealing target for attackers, who have the opportunity to move laterally across a manufacturing network, jumping across IT and OT systems for their malicious activities. Without strong protections in place, bad actors can take advantage of systems for industrial espionage, intellectual property theft, IP leakage, or even production sabotage.

Industry 4.0 cybersecurity challenges

Manufacturing is the second-most attacked industry, yet the manufacturing sector lags when it comes to security.

Smart factories can be subject to the same vulnerability exploitation, malware, denial of service (DoS), device hacking, and other common attack methods that other networks face. And the smart factory’s expanded attack surface makes it extra difficult for manufacturers to detect and defend against cyberattacks. These threats now work on an entirely new level with the dawn of the IoT, and they can result in serious physical consequences, especially in the realm of the IIoT.

Here are a few new security challenges that organizations face in the age of Industry 4.0:

• Every connected device represents a potential risk.
• Manufacturing systems such as Industrial Control Systems (ICS) have unique vulnerabilities that make them particularly susceptible to cyberattacks.
• Industry 4.0 connects previously isolated systems, which increases the attack surface.
• Upgrades are often installed piecemeal since the systems are very complex.
• Manufacturing has many fewer regulated compliance standards than other sectors.
• Visibility is poor across separate systems and isolated environments.

Also, note that the battle is decidedly unbalanced. While organizations must protect a wide swath of technology over a very large attack surface, attackers need only pinpoint the weakest link.

High-profile security breaches

One of our earliest wake-up calls came in 2009, when malware manipulated the speed of centrifuges in a nuclear enrichment plant, causing them to spin out of control. This malware, now known as Stuxnet, was introduced into standalone networks via flash drives, and it autonomously spread across production networks. Stuxnet’s sophistication served as a powerful early example of cyber-attack potential in the world of connected factories. More recently, a new type of malware called Trident was discovered, which undermines safety instrumented systems (SIS), enabling attackers to destroy or damage whatever processes those systems protect by feeding false data. The increased connectivity of smart machines only raises the stakes.

Key takeaways

The manufacturing industry is currently undergoing a digital transformation.

• Cyber-physical systems (CPS) combine physical components and digital networks to revolutionize the way companies automate processes and share information.
• The smart factory’s combination of virtual and physical systems makes interoperability and real-time capability possible, but it comes with the cost of an expanded attack surface that requires both IT and OT defenses.
• Organizations must carefully consider the security implications to have a successful Industry 4.0 journey.
• In the end, security best practices will be key to the success of Industry 4.0.

Emerging Industry 4.0 best practices

As more connected systems are deployed and the opportunities for an attack against intellectual property increase, protecting against evolving threats is becoming a full-time task.

The manufacturing sector needs to:

• Adopt a risk-based security mindset (tying business criticality to defense strategies).
• Keep an accurate inventory of all OT assets in real-time.
• Marry the best of IT and OT as an integrated defense strategy across all attack surfaces.
• Identify and fix outdated systems, unpatched vulnerabilities, and poorly secured files.
• Take a security-first approach to the deployment of new connected systems.
• Remain ever vigilant to spot potential threats with real-time vulnerability assessments and risk-based prioritizations.
• Ensure that technology suppliers and connected equipment manufacturers commit to regular security and software patches and audits.

Threat intelligence, including monitoring of the dark web, can also act as an early warning system to uncover planned attacks. Thus, the organization can pre-empt a breach and take immediate action to protect their digital corporate assets and physical infrastructure.