As many of us are aware, the concept of Industry 4.0 has gained popularity. This will connect the design, manufacturing, operations and service of products and production systems within the IoT (Internet of Things) based on proactive data storage and usage. Increased interactions between machines, parts, humans and management systems will make Lights Out manufacturing about 30% faster and 25% more efficient. Pioneering companies have progressed towards implementing Industry 4.0 disciplines within the different scales. Production, assembly, planning, plant and logistics, quality and maintenance solutions. They might underestimate one crucial point in the age of unrestrained digitalization. The Cybersecurity precautions needed on the current era of production systems.
In the age of hyper-connected production, the risk of getting attacked by hacktivists or terrorists increases. That is because it exposes all production data to the outside world. Rapidly digitalizing sectors such as automotive, aeronautics or pharmaceuticals are critical in terms of health and safety. As a result, the potential game-changer can become a significant threat to all humanity.
Cybersecurity and Industry Categories
- On the one hand, we have Large-scale companies. Most of the time, these companies are the primary targets, and successful attacks cause severe damage. For example, a cyber attack hit the French automotive manufacturer Renault. Hackers tricked the company through malicious emails. The attackers could reach critical company data and demand Bitcoin to release encryption. In the end, Renault had to shut down production in some factories in France and the Nissan plant in Sunderland. Detailed investigations showed that the attackers were part of an international crime organization. The same one related to the WannaCry cyber-attack targeting the NHS in the United Kingdom. However, the European Union offers legal rights to protect companies against cyber-attacks within the NIS (Network and Information Security) directive. The directive is not as regulatory law. Nonetheless, many cybersecurity divisions have launched and are increasingly capable of countering threats. The directive is only an instruction to member-state governments to implement their cybersecurity laws for Industry 4.0. Its legal protection capability, on its own, is questionable.
- On the other hand, there are small and medium-scale companies. The main idea of connectivity is that it covers all of the participants in the value chain. To transform the industry, large-scale companies must persuade their small and medium-scale supplier companies to change. They need to improve the efficiency of the new digitalization trend. The problem is whether those auxiliary companies can maintain a sufficient level of cyber-security while they chase the latest standards. So far, the answer is: unfortunately, not. According to a Deloitte-MAPI study, one-third of the manufacturers have not performed cyber risk assessments on the industrial control systems. The vulnerability remained for threat actors to exploit against companies. It became one of the most vulnerable parts of the ecosystem. The crucial part is the risk of manipulated supplier company production causing malfunctions in end products.
The Digitalization Process
The digitalization of production systems opens new doors for cyber-criminals. According to research conducted by NTT Security, cyber-attacks increased 24% globally during the second quarter of 2017. Attackers heavily targeted manufacturers. Manufacturers experienced a 100 % increase in incidents in industrial control systems. They also had a 400 % increase in leaks in connected product data since 2014. Attackers target large companies’ intellectual property, talent, and products.
In the Pharmaceutical industry, attackers pose a threat by sabotaging dosages, causing ineffective or harmful drug production. They can change critical production tolerances in aeronautical, disrupt self-driving and electric car control boards, mix traceability data of vast batches of production stocks, disrupt after-sale services management, and more. One of the most critical targets is that assailants steal intellectual property like drug recipes, production line setups, and other valuable information stored on company servers.
Cybersecurity Attacks
The first step for cyber threat analysts is to identify the threat actor’s motivation and targets to mitigate the threat. Motivations of recent intrusions on manufacturing diverse into 3 categories. These were political, economic and socio-cultural. Examples of political attacks include different strategies. Some are destroying, disrupting, making political statements, or retaliatory actions on public relations channels. Economically motivated attack examples include theft of intellectual property or valuable assets, fraud, industrial espionage, sabotage and blackmail. Emotions drive socio-cultural reasons. Simple motivations such as fun, curiosity, and a desire for publicity or ego gratification.
In over two-thirds of all malware distribution, analysts found attackers to be pushing e-mails with malicious attachments containing different types of soft boot commands as primary steps in their attack. Attack methods can separate other types of attacks, whether application-based, physical flash drive infiltrations or website intrusions such as Adobe products and promotional flash drives. Consequently, manufacturers must not see attackers as simply a ‘traditional’ malicious actors such as hackers and cyber-criminals motivated for money, but also competitors and nation-states engaged in corporate espionage, seeking to gain competitive advantage or achieve strategic disruption. Alternatively, the danger can come from an insider threat, such as disgruntled employees or thieves.
High Profile Attacks
The latest high-profile attacks contain threat actors using much more complicated techniques, such as multi-flow, multi-vector attacks that reveal vulnerabilities in IT networks that bleed into operational technology systems. Therefore, to prevent these types of cyber breaches, companies must find a way to remain secure, vigilant and resilient. How can they establish typical modern manufacturing IT networks under these disciplines? When preventing these types of attacks, essential solutions like creating strong passwords and updating security systems are not sufficient anymore.
Companies must establish continuously developing cybersecurity infrastructures while conducting internal compliance and risk assessments to determine an organization’s vulnerabilities. For example, internal meetings and surveys can be conducted frequently with employees to see espionage vulnerabilities from their perspectives and try to continuously improve those points step by step. Additionally, IT divisions should be expanded with cybersecurity analysts to detect vulnerabilities, and from those vulnerabilities, they must develop and implement corporate policies and procedures.
The new hyper-connected manufacturing systems require IT employees with quick response skills to handle cyber-attacks using those policies, procedures and action plans. Moreover, data protection is another essential point in establishing secure data backup policies in the company so that they can be mitigated in any attack. Another point is that the sector requires CEOs and executives who are aware of cyber-security risks and are involved in oversight and the decision-making processes in any security issue.
Executives’ cyber-security awareness is expected to lead them to invest in sufficient electronic security measures to cover proactive testing and probing of systems in an environment of increasingly sophisticated intrusion methods. After assessing the defensive methods and developments, the manufacturing industry faces one problem: a shortage of cyber-security professionals.
Conclusions
Nowadays, most leading companies struggle to fill their cyber-security roles. As the manufacturing industry becomes one of the most popular cybercrime targets, it faces the problem of not being able to implement its security strategies if it lacks qualified employees. Therefore, to solve this looming threat in future, it can be suggested that high-end companies hire informational technology-related engineers to develop, train and turn them into cybersecurity professionals and decision-makers with educational investments. Furthermore, it is essential to implement intelligence analysis methodologies like structured analytical techniques (SATs). It offers cyber analysts the tools to mitigate cognitive biases, generates an intellectual audit trail and assists in alleviating deception or disinformation by threat actors.
The cost of cybercrime varies by organizational size, and so do preventive action costs. And making the correct investment that meets a company’s exact needs also relates to its activities. Consequently, those investments could have some quick payoffs, motivating corporations. We might consider the critical applications as successful hybrid business models. Businesses would use this to develop not only the cybersecurity aspect but also the marketing value of the company. Improving the company’s culture, brand value, and reputation are examples of it. Besides the previous security suggestions, companies need cyber risk evaluation to produce tangible gains and protect businesses from redundant investments. Cybersecurity will be an option for companies shortly and an essential competitive future force in the manufacturing industry.
