Two years ago, I had the opportunity to meet a high-ranking US Senator. One thing that stuck with me was how seriously he took Chinese cyber espionage. Was it really possible that our phones could spy on us, even when powered down, unless the battery is removed?
I was skeptical, but since then, we’ve learned of the reality of incurable spyware that lives on your hard drive’s firmware, and seen countless high-profile cyber-attacks that can bring even the largest companies to their knees
What This Can Mean for Your Factory
There are a lot of reasons to be concerned about keeping your factory floor secure. Foreign competitors could attempt to steal your trade secrets and your competitive edge.
Facilities can also be hacked to halt production or cause massive damage by stopping systems or causing erratic behavior, as happened to a German steel mill in 2015.
Stuxnet, a computer worm that infiltrated multiple industrial sites in Iran, is another example that targeted a specific control system made by Siemens with the goal of causing centrifuges to spin themselves into failure.
Lastly, mischievous hackers could disrupt your production just for the lulz (like a hacked nuclear research facility in 2012 that, among other things, blasted “Thunderstruck” by AC/DC at random times throughout the night).
The Line Between Paranoia and Prudence
Deciding what level of protection your system really needs is a complicated endeavor. Keeping your cyber security bulletproof can be exhausting and expensive, while exposure to attacks can have devastating consequences.
To start, a quick review of your system and closing up some big, easy holes can make your factory a much less appealing target. This list is an overview of some things to consider and be aware of.
#1: Back up your control software.
There are so many reasons to do this. DMC has received many calls where a battery backup dies on a PLC and the client has no access to the original code.
Their entire system is gone.
While this isn’t always the result of an attack (it can even be an honest mistake by your team), failing to back up your control software can land you in serious trouble.
A good policy is to back it up on a system where your IT department can ensure the data won’t be lost, including RAID, incremental tape, or remote backups. Archival or software repository backups are best, as revision control allows you to go back beyond just the most recent save.
Just as importantly, take a hard stance on your policy for your control engineers or integration partners: each and every time a software change or a fix is made, it must be backed up!
#2: Consider isolation from the outside.
This bit can be tricky for system integrators like DMC, as we provide immediate remote assistance to many of our clients. However, you can always use secure VPN to allow secure external access.
If your data and processes are very sensitive, consider unplugging from the internet altogether. Be wary of Wi-Fi as it can be a way in from just outside your building.
#3: Consider isolation from the inside.
Remember the Target credit card breach that let hackers walk away with 70 million records, including 40 million credit and debit card numbers?
Many breaches start from one compromised individual or computer. Once inside, there may be very little internal security to stop the breach from spreading until eventually everything is accessible.
Internal subnets with secure firewalls and locked-down access policies can seriously reduce the damage if a breach does occur
#4: Use the free resources from Homeland Security’s ICS-CERT.
Compare your hardware and software against the Industrial Control Systems Cyber Emergency Response Team’s (ICS-CERT) list of known vulnerabilities. Awareness of potential security issues allows your controls team to mitigate and take corrective action.
The ICS-CERT site has a wealth of valuable resources available, including best practice information.
This list can be a starting point for a do-it-yourself approach to factory cyber security. If you’re looking for more help, DMC can work with you and your team to improve factory security, or implement additional features like network monitoring and password management with Microsoft’s Enterprise Mobility Suite.
Learn more about DMC’s Manufacturing and Automation Intelligence expertise.