How IIoT Brings More Cyberattacks to the Manufacturing Industry

Kymera

 

September 24, 2018

With an IIoT network that covers the entire enterprise and has dozens of machines connected to a centralized system, you can see why it’s so tempting for cybercriminals to attempt access on your network. On the other hand, it also shows where your weaknesses are and what you can do to protect it.

During recent years, healthcare, financial service, and retail industries were more “interesting” to cyber attackers than the manufacturing industry. As business disruption and intellectual property theft emerge, more and more manufacturers are becoming victims of cybercrime.

What is Behind the Attacks?

The 2018 Verizon Data Breach Investigations Report shows us that state-sponsored attackers caused more than half of the data breaches in manufacturing, and leading motive was cyberespionage. Due to the fast convergence of OT and IT networks in these manufacturing companies, they exhibit a higher rate of cyberattack activity.

The massive loads of data were collected from January to June 2018, from millions of workloads and devices from the data center, customer cloud, and enterprise environments. They show three findings that are of most interest to cyber attackers. They are the way data is stolen from manufacturing networks, the volume of internal movement between systems, and the frequency of external remote access.

Data Exfiltration

With multiple sensors that aggregate data at the IIoT network’s gateway and send it to a cloud database, an IIoT network architecture doesn’t typically indicate a cyber attack. This data exfiltration behavior is sometimes related to other threat behaviors that can point to an assault in progress. Organizations must ensure that systems are sending data to the approved and intended external systems instead to the attackers who want to steal critical assets.

Internal Movement between Systems

There are many gateways (connected to each other for a better peer-to-peer communication) in a manufacturing network that communicate with smart machines and devices. To map out a manufacturing network and find critical assets to steal, cyber attackers use the same self-discovery used by those peer-to-peer devices. Cyber attackers can thus move laterally across the entire system until they find a way to complete their mission. That type of cyber attacker behavior is known as internal reconnaissance and lateral movement. If a higher-than-normal rate of lateral movement or malicious internal reconnaissance behavior is detected, it’s an indicator of possible attacks on the network.

External Remote Access

When an internal host device connects to an external server, it is known as external remote access. One of the most common command-and-control behaviors in manufacturing is the use of external access tools. This process is also a gateway for attackers to infiltrate a network by hijacking an external remote access connection.

What Can You Do About It?

Manufacturers used to rely on exclusive and customized protocols that made it harder for attackers to mount an attack. However, after the conversion from proprietary to standard protocols, it has made it easier for them to steal, spread, and spy. Today’s factories have Internet-enabled production lines that support remote management and data telemetry. It connects their IIoT machines to networks that rely on communication with enterprise applications and computing devices.

Systems critical for supply-chain processes and thin production lines need to have the best security access controls that can isolate a manufacturing system (however, most manufacturers don’t invest in them for economic reasons.) Real-time monitoring and network visibility are vital for identifying the earliest signs of cyber attacks in any infrastructure of this kind. Also, security analysis should be performed frequently.

Cybersecurity is today’s number one problem for organizations that rely on IoT. To enhance existing cybersecurity teams, we need to use artificial intelligence solutions to detect and respond to cyber threats faster and help stay ahead of cybercriminals.

For more information https://kymerasystems.com/

 

 

Related Articles


Changing Scene

  • Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco International has recently announced the grand opening of a new state-of-the-art facility on Higney Avenue in Dartmouth, Nova Scotia, Canada, making this the largest facility of any distributor in the Atlantic region. The new building, facilitated by Touchette Real Estate, a division of Groupe Touchette, will feature Wesco’s comprehensive suite of services and solutions including… Read More…

  • PataBid Nominated for Canadian Choice Award in Software Services

    PataBid Nominated for Canadian Choice Award in Software Services

    PataBid is proud to announce its nomination for a Canadian Choice Award in the Software Services category. This recognition highlights PataBid’s commitment to supporting the electrical contracting community across Canada by providing innovative estimating software solutions that streamline estimating processes and ensure predictable and profitable projects. Read More…


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    Explore how Omron’s latest X-Ray machines and AI-driven solutions are setting new standards in manufacturing efficiency and quality control. The manufacturing landscape is swiftly evolving, and Omron is at the forefront with its innovative PCB inspection machines. These systems offer profound insights into SMT production process, enhanced quality control, and can significantly reduce labor costs. Advancements… Read More…

  • KUKA Establishes New Software and Digital Business Segment

    KUKA Establishes New Software and Digital Business Segment

    Software is playing an increasingly important role in mechanical engineering. What used to be mostly solved mechanically is now done by electronics and the associated software. “With KUKA Digital, we are expanding our offering in order to position ourselves broadly for a market with strong growth potential. Our customers need products, solutions and consulting approaches to digitalize… Read More…