Panel Builder System Integrator

December 12, 2018

By: Pascal Ackerman, Rockwell Automation

You have a strong industrial security program in place. You’ve cleaned up with good cyber hygiene and have implemented intrusion detection systems to avoid future incidents. But in the complex world of cybersecurity, you can’t stop there.

Despite all your efforts, latent advanced persistent threats (APTs) are still a concern. They are slowly at work trying to find chinks in your armor and exfiltrate data, bogging down your operations. And intrusion detection isn’t going to catch this activity.

You’re Ready for Threat Hunting

Threat hunting is one of the next logical steps in your cybersecurity program. In its simplest form, you are searching the network for external threats or intrusions that went undetected by automated security systems. It is a very scalable exercise and can be done with varying degrees of automation, including none at all.

It can not only further protect your proprietary recipes and information, but it also has great potential for improving operational efficiencies as well. While this practice isn’t entirely new to the IT space, it is making its way into OT environments. And this is where beverage and food production can benefit the most.

Threat hunting is proactive, and takes a step back from the scanning tools, traps and future-focused infrastructure already in place. In an age of technology, it uses gray matter to uncover malicious activity and infiltrations that have been hiding in your network for months, maybe years. And further, it can find correlations not otherwise detectable between network activity and production inefficiencies.

Infestations Wreaking Havoc in Unexpected Ways

Have you noticed your mixer acting up? Are HMIs locking down? A label printer flashing errors?

It can start with an operator charging their unprotected phone in an open USB port on the network. Months later, your oven starts acting up and won’t maintain set parameters, even though mechanically, there’s nothing wrong.

Careful review of network logs uncovers that each time the oven acts up, there are beacons going to an outside IP address. This correlation is otherwise undetectable, and is what makes the human factor critical, and threat hunting so valuable. 

I went into a plant once that was experiencing repeated network slowdowns on a certain shift. Proactive hunting led to the discovery that one employee’s workstation was running an undetected Bit Torrent. So, each day when they logged in at the beginning of their shift, the entire network was impacted.

Learn about managing cybersecurity risks in the food and beverage industry with smart manufacturing. Download the eBook for more (PDF).

Why Aren’t Intrusion Detection Systems Catching All of This Hidden Malware?

Most of what threat hunting uncovers appears innocent, and without context and correlation, passes detection systems as business as usual. A piece of malware can communicate with an unknown IP address, but will look similar to intended internet traffic.

There also could be SYN scans going on in the peripheral, outside the boundaries of what your security software is looking for. They sit quietly and slowly look for a hole in the network. They’re not getting refused and haven’t established outside connections yet, so they remain undetectable.

In a threat hunting exercise, you may discover that an outbound connection is coming from a process that shouldn’t be going out to the internet. Or you may find a system that wasn’t being used at the time the communication was made, indicating an infected source.

The thing is, these APTs were probably already there when you implemented your cybersecurity system. That’s because most intrusion detection and prevention programs rely on a known, good state. If the baseline it starts from has poor traffic or malware activity, it becomes part of the norm. Many publicized security breaches have fit into this category. It is only years after a breach occurred that it’s detected and the scope off the damage realized.

Getting Started

The good news is, you likely have what you need to get started. Threat hunting is easy to implement with the right partner and can be a one-time activity, or become part of an ongoing security program. Your HMIs and servers are already creating activity logs you can gather and analyze offline so there’s no stress on the network or production interruptions.

So stop relying solely on endpoint protection and virus scanners to detect if you’re vulnerable. Go hunting for infiltrations before they impact your plant floor.

Source

Changing Scene

  • Prev
Pilz Canada officially opened their Canadian Facility surrounded by Industry Partners, colleagues ...
Allied Electronics & Automation has announced the addition of the new TM Series of ...
Cybertech Automation is proud to announce the expansion of services into Texas, Pennsylvania and ...
Eclipse Automation recently announced the acquisition of D&D Automation, located in Stratford, ...
The Automation and Controls industry landscape is a very dynamic one in which technology, customer ...
Onyx Engineering has been registered to Intertek's ETL Panel Builder Certification Program for ...

One of Canada’s largest wastewater treatment plants at Annacis Island provides secondary treatment to approximately 175 billion litres of wastewater every year for over 1 million residents in 14 municipalities. After almost 20 years in operation, the variable frequency drives supporting the critical pumping systems for the primary treatment and secondary treatment facilities had to be replaced to ensure that the plant’s high operational availability and reliability will not be compromised in serving the plant, the surrounding municipalities and the environment. Metro Vancouver Regional District chose to deploy Rittal’s enclosure and power distribution solutions with E-plan software to efficiently support vital infrastructure improvements by reducing equipment replacement times and thereby minimizing risk to plant operations.

PB 25 Phoenix ControlCabinet 400

Phoenix Contact will provide you with support as your reliable partner in the optimization of your processes in control cabinet manufacturing.

Phoenix Contact provides you with holistic solutions in a cooperative partnership, based on their products, services, and experience. Digital data is used consistently, processes optimized, and time saved. The PROJECT complete planning and marking software supports your entire control cabinet manufacturing process. The program provides you with an intuitive user interface that enables you to individually plan, automatically check, and order terminal strips.

Thanks to optimized interfaces, you can easily integrate data from common CAE systems. This enables you to save significant amounts of time in the overall engineering process. Read More


 Like many cyclical industries, mining is reviving, driven by steady global economic growth and an increasing demand for materials to support new technologies like electric vehicles, renewable energy and mobile devices. Despite the optimism, the industry still faces major operational challenges including process efficiencies, cost control, worker health and safety, and skills gaps. To address these challenges, Rockwell Automation introduced The Connected Mine, leveraging the latest enabling and digital technologies.

Utilizing advanced analytics, The Connected Mine helps mining companies collect and aggregate data to gain end-to-end visibility into their operations and make informed business decisions to improve mining operations.

Read More

PB 25 Rittal MarineWaves 400For almost a half a century Canal Marine & Industrial of St Catharines, Ontario has provided electrical design, engineering and services around the clock to the merchant marine, naval and coastguard fleets in Canada and the rest of the World. In recent years, Canal has become a leader in the design and supply of marine hybrid power and propulsion systems. These systems utilize alternative methods for supporting propulsion and the vessel’s electrical power plant, so that fuel consumption and emissions are reduced.

Great Lakes Towing of Cleveland, Ohio (popularly called “The Towing Company”) operates the largest and most experienced U.S.-flag tugboat fleet. The Towing Company is a significant marine operations link in North America’s U.S. Great Lakes-Saint Lawrence Seaway marine transportation network, the fourth seacoast of the United States, an operating area that extends over 8,300 miles of shoreline, encompassing a water surface area of roughly 100,000 square miles. Read More

HARTING Electronics: Circular Connectors – A Round Thing

Circular Connectors 400

Jonas Diekmann, Technical Editor at HARTING Electronics

The metric system of units was introduced for the first time in 1793 during the French Revolution and is used even today in almost all countries worldwide. The metric round plug connectors are also based on this system of units and are a known standard in raw industrial applications. In various diameters and codes, they are a reliable connection for the three lifelines of industrial applications. Data, signals and performance are essential for drive, control and communication. The typical round appearance with the thread for screwing in is a success story up to the present. But classics often also still reveal unexpected potential. With its new PushPull Locking and Com-Lock HARTING is making two round guild models ready for the future.

Metric round plug connectors are some of the most widespread interfaces worldwide, when it comes to cabling for machines, industrial plant and devices under demanding conditions of use.

Read More

Rockwell SleemanTen years ago, tourists looking for a taste of the local life in Southern Canada may have asked for one of the region’s best wines. Today, it’s all about craft beer.

From entrepreneurial newcomers to large-scale producers, brewers in Canada are cashing in on the thirst for craft beer. The number of microbreweries – ­producing less than 25,000 cases of 24 – has more than doubled in the last seven years.

The explosion in craft beer popularity had one company – Sleeman Breweries – bursting at its production seams. The third-largest brewer in Canada, Sleeman brews and distributes popular beers from lagers to pale ales.

 Read More

 

Product News

  • Prev
Littelfuse, Inc., a global manufacturer of leading technologies in circuit protection, power ...
The device family of serial device servers and gateways from Phoenix Contact enables a variety of ...
The modular 19" plug-in test system FAME 3 rack from Phoenix Contact does not require an operating ...
AutomationDirect’s line of sensors now includes capacitive proximity sensors with ...
New HS1T interlock switches with solenoid deliver 5,000N of locking force in a ...
With Balluff’s new online RFID configurator tool, you can confidently and efficiently select ...
Festo has developed new advanced solenoid valves and coils for the petroleum and chemical sectors ...
Laird has expanded its thermoelectric assembly (TEA) product offering to meet the cooling needs of ...
One single turn of the tightening screw is sufficient for secure connection of clamping modules, ...
ABB has introduced a selection of Fusegear with 800V AC ratings to support the higher voltage ...
Kerrwil Publications

538 Elizabeth Street, Midland,Ontario, Canada L4R2A3 +1 705 527 7666
©2019 All rights reserved

Use of this Site constitutes acceptance of our Privacy Policy (effective 1.1.2016)
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Kerrwil