Panel Builder System Integrator

December 12, 2018

By: Pascal Ackerman, Rockwell Automation

You have a strong industrial security program in place. You’ve cleaned up with good cyber hygiene and have implemented intrusion detection systems to avoid future incidents. But in the complex world of cybersecurity, you can’t stop there.

Despite all your efforts, latent advanced persistent threats (APTs) are still a concern. They are slowly at work trying to find chinks in your armor and exfiltrate data, bogging down your operations. And intrusion detection isn’t going to catch this activity.

You’re Ready for Threat Hunting

Threat hunting is one of the next logical steps in your cybersecurity program. In its simplest form, you are searching the network for external threats or intrusions that went undetected by automated security systems. It is a very scalable exercise and can be done with varying degrees of automation, including none at all.

It can not only further protect your proprietary recipes and information, but it also has great potential for improving operational efficiencies as well. While this practice isn’t entirely new to the IT space, it is making its way into OT environments. And this is where beverage and food production can benefit the most.

Threat hunting is proactive, and takes a step back from the scanning tools, traps and future-focused infrastructure already in place. In an age of technology, it uses gray matter to uncover malicious activity and infiltrations that have been hiding in your network for months, maybe years. And further, it can find correlations not otherwise detectable between network activity and production inefficiencies.

Infestations Wreaking Havoc in Unexpected Ways

Have you noticed your mixer acting up? Are HMIs locking down? A label printer flashing errors?

It can start with an operator charging their unprotected phone in an open USB port on the network. Months later, your oven starts acting up and won’t maintain set parameters, even though mechanically, there’s nothing wrong.

Careful review of network logs uncovers that each time the oven acts up, there are beacons going to an outside IP address. This correlation is otherwise undetectable, and is what makes the human factor critical, and threat hunting so valuable. 

I went into a plant once that was experiencing repeated network slowdowns on a certain shift. Proactive hunting led to the discovery that one employee’s workstation was running an undetected Bit Torrent. So, each day when they logged in at the beginning of their shift, the entire network was impacted.

Learn about managing cybersecurity risks in the food and beverage industry with smart manufacturing. Download the eBook for more (PDF).

Why Aren’t Intrusion Detection Systems Catching All of This Hidden Malware?

Most of what threat hunting uncovers appears innocent, and without context and correlation, passes detection systems as business as usual. A piece of malware can communicate with an unknown IP address, but will look similar to intended internet traffic.

There also could be SYN scans going on in the peripheral, outside the boundaries of what your security software is looking for. They sit quietly and slowly look for a hole in the network. They’re not getting refused and haven’t established outside connections yet, so they remain undetectable.

In a threat hunting exercise, you may discover that an outbound connection is coming from a process that shouldn’t be going out to the internet. Or you may find a system that wasn’t being used at the time the communication was made, indicating an infected source.

The thing is, these APTs were probably already there when you implemented your cybersecurity system. That’s because most intrusion detection and prevention programs rely on a known, good state. If the baseline it starts from has poor traffic or malware activity, it becomes part of the norm. Many publicized security breaches have fit into this category. It is only years after a breach occurred that it’s detected and the scope off the damage realized.

Getting Started

The good news is, you likely have what you need to get started. Threat hunting is easy to implement with the right partner and can be a one-time activity, or become part of an ongoing security program. Your HMIs and servers are already creating activity logs you can gather and analyze offline so there’s no stress on the network or production interruptions.

So stop relying solely on endpoint protection and virus scanners to detect if you’re vulnerable. Go hunting for infiltrations before they impact your plant floor.

Source

Changing Scene

  • Prev
 Proax invites you to attend their Automation Exhibition on March 28th, 2019 from 10am to 4pm ...
 E.B. Horsman & Son (EBH) is a 2019 winner of the Canada’s Best Managed ...
The Hannover Messe 2019 trade fair will also be held under the motto “Integrated Industry ...
The upcoming HANNOVER MESSE will again feature a special Digital Energy showcase in Hall ...
At Hall 9, Stand D17 under the motto “We automate. Safely.” Pilz will again be ...
Emerson has announced it has completed the purchase of Intelligent Platforms from General Electric. ...
Stellar Power & Control Solutions LP. has been selected as a Global Partner and only the second ...
In Canada, it is mandatory to comply with SPE-1000 – Model code for the field evaluation of ...
Littelfuse, Inc., a global manufacturer of technologies in circuit protection and power control, ...
Graybar Canada is proud to announce their Atlantic Automation Group has become the first non-pilot ...

Untitled 1 HANNOVERThe upcoming HANNOVER MESSE will again feature a special Digital Energy showcase in Hall 12, where innovative companies from around the world will present ideas and solutions for digitizing the entire energy sector.

A key focus will be on smart meters, particularly Germany's nationwide rollout, which is currently gathering pace. Nationwide rollout of smart, digital electricity meters is fundamental to further efficiency gains and, indeed, to the energy transition. Hans-Jürgen Schmitt, CEO of PCVue Solutions, explains: "Building automation systems and indeed the electric power system as a whole cannot work properly unless all electricity meters are capable of transmitting their consumption readings digitally, because only then is it possible to achieve efficient, profitable energy management." Read More

One of Canada’s largest wastewater treatment plants at Annacis Island provides secondary treatment to approximately 175 billion litres of wastewater every year for over 1 million residents in 14 municipalities. After almost 20 years in operation, the variable frequency drives supporting the critical pumping systems for the primary treatment and secondary treatment facilities had to be replaced to ensure that the plant’s high operational availability and reliability will not be compromised in serving the plant, the surrounding municipalities and the environment. Metro Vancouver Regional District chose to deploy Rittal’s enclosure and power distribution solutions with E-plan software to efficiently support vital infrastructure improvements by reducing equipment replacement times and thereby minimizing risk to plant operations.

Peers & Profiles

  • Prev
Germain Lamonde, President and founder of EXFO, is this year’s EY Entrepreneur Of The ...
  In a recent sit-down Electrical Industry Canada was able to learn a little ...
  Few industrial innovations have weathered the years as well as heavy duty connectors. ...
As our population grows and consumers continue to rely on technology for both essentials and ...
  Engineers play a key role in the advancement of our infrastructure and the development ...
  Kymera Systems is located in Leduc, Alberta and provides scalable IIoT solutions and the ...
  JAE Automation is proof positive that a cutting-edge, high-tech company can work with ...
  Nivek Automatisation is a forward-thinking company focused on providing advanced ...
Recently Panel Builder & Systems Integrator was invited to Rittal Canada’s Head ...
  New Electric first opened its doors in 1970, in Burlington, Ontario. The electrical ...

 Littelfuse to Host Webinar on Arc-Flash Protection

PBSI Littelfuse logo seminar 400Littelfuse, Inc., a global manufacturer of technologies in circuit protection and power control, invites plant engineers, facility managers, and maintenance professionals to join our special arc-flash webinar on how to cost-effectively protect against catastrophic arc-flash events. The webinar will take place on Tuesday, February 26, 2019 from 1:00 PM to 2:00 PM Central Standard Time. It will also be available on demand.

Attendees will learn:
• Methods available to help identify the risk of arc flash within your system
• How to choose the right arc-flash mitigation solutions to extend the life of your equipment
• Ways to increase working safely beyond the essential Personal Protective Equipment (PPE) suit
• A real-life example of how a few thousand-dollar investment helped a customer avoid an $800,000 catastrophic arc-flash event

The webinar is free, and attendees will have an opportunity to ask questions in a live Q&A session after the presentation. To sign up, visit the arc-flash webinar registration page.

Read More


 Like many cyclical industries, mining is reviving, driven by steady global economic growth and an increasing demand for materials to support new technologies like electric vehicles, renewable energy and mobile devices. Despite the optimism, the industry still faces major operational challenges including process efficiencies, cost control, worker health and safety, and skills gaps. To address these challenges, Rockwell Automation introduced The Connected Mine, leveraging the latest enabling and digital technologies.

Utilizing advanced analytics, The Connected Mine helps mining companies collect and aggregate data to gain end-to-end visibility into their operations and make informed business decisions to improve mining operations.

Read More

SmartBuilding FM 400

By Caryl Anne Crowne

Digital smart technology is changing almost every aspect of how we live, and the buildings we live in are no exception. Increasingly, instead of humans deciding how a building is heated, lit, etc., smart technology is gathering data, analyzing it and reacting accordingly while whoever is inside the building goes about their normal activities. Smart technology in buildings not only makes life more convenient for their inhabitants, it is more efficient and therefore saves on energy bills and reduces the negative impact of the environment.

Smart technology will make life easier for visitors to public facilities. For example, someone attending a meeting at a given building can have their identification badge read automatically and then get a text message informing them what room their meeting is in and how to get there. Once in the room, the temperature will already be adjusted to a comfortable level. Read More

Product News

  • Prev
Global Electrical Power and Advanced Materials leader Mersen is pleased to announce the launch of ...
Phoenix Contact’s premium QUINT POWER line now includes a single-device solution that meets ...
With Phoenix Contact’s new FINEPITCH board-to-board connectors, PCB designers can customize ...
ADVANCED Motion Controls has announced the FlexPro family, their new premium digital ...
TE Connectivity (TE) has unveiled BUCHANAN WireMate ITB (Inverted Thru-Board). These ...
The new X20SO6530 digital output module provides six safety relays on a unit with the X20's ...
With digitalization at its heart, ABB Ability MineOptimize connects all ...
The new release of ABB’s Distributed Control System (DCS) 800xA 6.1 brings significant ...
Koolbridge Solar announced that its renewable energy product, the SMART LOAD CENTER (SLC), has been ...
The industrial-suited Edge Computer MICA now also comes with a secondary Ethernet interface. ...
Kerrwil Publications

538 Elizabeth Street, Midland,Ontario, Canada L4R2A3 +1 705 527 7666
©2019 All rights reserved

Use of this Site constitutes acceptance of our Privacy Policy (effective 1.1.2016)
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Kerrwil