In light of several major supply chain disruptions across manufacturing sectors, the Biden Administration recently announced the creation of a Supply Chain Disruptions Task Force to strengthen critical supply chains and address cyber vulnerabilities. When a supply chain breaks down, the consequences can be devastating and far-reaching, as experienced with the Colonial Pipeline ransomware attack. Despite this, critical infrastructure systems often aren’t afforded cyber protection commensurate with their importance.
Industries like manufacturing are primary targets for these attacks due to their vital importance, including being embedded within the supply chains of multiple critical infrastructure sectors like healthcare, energy and transportation. As a result, manufacturers are an attractive target for bad actors motivated by a desire to cause harm, steal intellectual property and seek financial gain. The potential consequences of a manufacturing industrial control system being compromised are severe. They include damage to IT and OT systems, physical damage to plants, danger to employee health and safety, environmental impacts, downtime, harm to those downstream in the supply chain and loss of product reliability and integrity.
As manufacturing relies more and more on remote access and automation, cyber hygiene continues to be one of the top challenges in securing manufacturers across the nation. So, what should manufacturers consider when it comes to securing remote access in today’s world?
The expanded OT attack surface
Consolidating operational technology (OT) environments with information technology (IT) networks expand the OT attack surface and makes these integrated ecosystems considerably more challenging to secure. The rise of smart manufacturing, Industry 4.0 technologies and direct communication channels to cloud services has also exponentially accelerated the connectivity between IT and OT systems. Many factories are deploying IoT technologies that support production but are not immediately embedded within processes. These include building and facility management controls (such as smart lighting and thermostats) and worker health and safety monitoring systems. Many manufacturers are now challenged to maintain visibility into technology environments that include a heterogeneous mix of IT, OT and IoT systems. This large attack surface creates a more attractive target for cybercriminals.
The flawed use of IT security programs in OT environments
The OT ecosystem was previously thought of as a “walled garden” isolated from the rest of an organization’s computing systems and networks. This belief was really a fallacy, as the interconnection of OT systems to production management systems, maintenance systems and operations support have existed for over a decade. However, the convergence of IT and OT environments introduced new risks into the OT ecosystem. Many companies have been tempted to import their more mature IT cybersecurity infrastructures, processes and resources into OT environments as a solution rather than those built explicitly for OT use.
Unfortunately, the use of IT-based security infrastructures and processes in OT environments has proven less than ideal. IT technologies are often incompatible with OT hardware and equipment. OT system lifecycles may also be several times longer than those of IT hardware solutions, with industrial control systems (ICS) sometimes remaining in use within a production environment for 20-25 years. In addition, IT security strategies have tended to prioritize detection and rapid mitigation, but this approach is inappropriate in OT environments, where safety and reliability are of the utmost importance. Further, IT security strategies have focused on the ranked prioritization of confidentiality, integrity and availability of systems, whereas OT systems are prioritized around safety, integrity, and the availability of systems.
How to protect the unique OT environment
Traditionally, air gapping was considered the best security measure to protect OT environments, but the isolation of industrial networks is no longer proving to be an effective measure. Securing OT systems against modern threats requires well-planned and well-implemented strategies that will provide defense teams the chance to quickly and effectively detect, counter and expel adversaries.
Industrial organizations that are currently asking their existing IT security teams to protect their OT assets should consider supplementing these resources with additional dedicated OT specialists. Technologies such as IP ranges, virtual local area networks (VLANs), or micro-segmentation of IT and OT network traffic are becoming more popular to protect against OT-focused attacks.
Physically separate corporate IT and OT domains, logically segment networks, and isolate critical parts of the network from untrusted networks, especially the internet. Strategies such as establishing “industrial-demilitarized zones” (I-DMZs) and data warehousing can help facilitate a secure buffer zone where services and data can be shared and transferred between SCADA systems and business networks.
It’s also essential to deploy monitoring tools such as intrusion detection/prevention systems (IDS/IPS), network access controls and identity awareness systems and logging on all systems if possible. Locking down all unused ports and services on routers, switches, and network daemons while ensuring default configurations and passwords are not used will harden these devices against adversaries. Monitoring the peer-to-peer nature of communication of OT systems is vital in establishing baselines and detecting deviations.
Designing an effective OT security architecture requires a risk model that maps precisely to the functional requirements of these complex systems and provides a holistic image of the potential real-world consequences of compromise. Look into adopting digital twins to assist in cybersecurity programs. A digital twin is a virtual model of a process, product or service. The pairing of the virtual and physical worlds allows simulation and analysis to head off problems before they occur, prevent downtime and plan for the future.
All manufacturers should also have a comprehensive cyber incident response plan in place that includes proactive and reactive measures to help prevent incidents and better allow the organization to respond when one does occur. This planning should include establishing a supply chain management program to ensure uniform cybersecurity policies and practices with contractors and third-party vendors. Internally, it’s crucial to have training and awareness programs that improve knowledge and vigilance by instilling an awareness of the current threat landscape among all employees. Perhaps even more critical is the establishment of a disaster recovery and business continuity plan, which includes testing backups of critical OT systems and desktop exercises that test your response plan. This can often lead to the best option to defending against ransomware attacks.
The challenge of securing the complex OT environment can seem overwhelming. Still, the good news is that among leaders of industrial organizations, awareness of the severity of OT cybersecurity risks is on the rise and a growing number are willing to commit increased resources to manage these risks. There’s also increased interest in industry-wide initiatives such as knowledge sharing and the use of risk-based frameworks. For these reasons, industrial companies are becoming more confident about their readiness to face an OT cybersecurity attack. Nonetheless, the threats remain far-reaching, and much work remains to be done to improve cyber resilience across the industry.