Once your automation and control systems are fully automated and connected to the IIoT, you immediately open yourself up to the predations of cybercriminals. Hackers can get access to all sorts of information by breaking into a vulnerable part of your system, including not only production and design secrets, but also sensitive data relating to your customers and your finances. For this reason, it's important to think carefully about cybersecurity in factories when making the transition to smart manufacturing.
A 2015 report by the World Economic Forum estimated that cybercrime was costing the world some US$3 trillion a year. This year, that figure has doubled, and is expected to continue to increase by about 15% every year, with a projected loss of more than US$10 trillion by 2025. Half of Britain's manufacturers admit that they've been targeted by cyber attacks in the 12 months up to May 2021, with nearly a quarter of these suffering losses of between £5,000 and £25,000, and 6% losing £100,000 or more.
More than a third of all cybercrime attacks are targeted at industry, and include industrial espionage, extortion via ransomware, denial of service, and stealing data like account numbers. An even greater threat is posed to cybersecurity in factories when a successful security breach goes undetected, allowing cybercriminals to embed themselves deep inside your organisation's network and create long-term disruption. They can alter machine programming, creating process deviations that result in flawed products. They can also disrupt the supply chain, mess up your distribution networks, and have a knock-on effect on your connected companies and associates across the globe.
There are several types of attack that are commonly used to target cybersecurity in factories:
The Brazilian meat processing company JBS paid out £7.8 million in a ransomware attack. Several of its factories were closed down, and operations halted to protect the integrity of their food supplies and customer information.
The trans-American Colonial Pipeline went offline following a ransomware attack. The company paid out £3.1 million to the hackers, most of which was subsequently recovered.
The Taiwanese computer manufacturer Acer was hit by a ransomware attack focused on financial information. The largest ransom to date was demanded – US$50 million – although the company is being cagey about admitting details.
The UK Honda plant was shut down, and operations were suspended in several of its international facilities, following a suspected ransomware attack. The company has denied any data breach, however, and claimed that there would be minimal impact from the interruption in manufacturing operations.
It's not surprising that major companies like Honda wouldn't admit to being the victim of cybercrime. Damage to your standing in the business community is one of the intangible threats of cybercrime, and many victims of cyber attacks are unwilling to admit their vulnerability. With access to the IIoT, every aspect of manufacturing and industrial processes is at risk, and business owners may not yet have sufficient experience of the new technologies to combat that risk – or to admit it if they fail.
Increased connectivity in all parts of the world, and all spheres of activity, means that hackers have more entry points and more scope to move from a single hacked device to a globally connected network. The move towards massive cloud storage of data only adds to the threat levels, as it can so easily be exploited by a tech-savvy generation brought up in a connected world.
Some manufacturers are reluctant to enter the world of digital industry for fear of these very risks. Even those who are making the transition may be vulnerable to a lack of synchronisation between their operational technology (OT) and their information technology (IT). This applies particularly to areas where there is an overlap between the OT and IT ecosystems, where the various decision-making strategies tend to be dispersed. OT investment decisions don't usually take corporate IT and security into account, so a hotchpotch of different technologies has to be integrated after the event, and their cybersecurity streamlined.
Manufacturers need to be more aware of cybercrime and how to prevent it. This means stringent staff training on the types of threat they might encounter, and planning what to do in the event of a cyber attack. It includes identifying threats, protecting your systems and staff against them, planning your response to threats, and working out how you would recover from an attack. If you're about to switch over or have already made the transition to the smart factory, you should incorporate an integrated programme of cyber management that covers both the IT and the OT aspects of your business.
The first steps to effective cybersecurity in factories also include carrying out a cybersecurity risk assessment that takes all levels of your systems into account, including the legacy OT and the new IT. You should build security protocols into all your existing and projected systems, and establish a formal programme of cybersecurity governance that will help you deal with any threats. Any and all actions you take in the business should then be prioritised according to their risk profiles.