In a time when data are the new oil, massive attacks that compromise the security of this valuable resource are matters of serious concern. An increasing number of manufacturers are understanding the humongous repercussions a data security breach could result in; yet there has been no clear decision about how and where to get started. It involves a certain degree of nuance to understand the motive behind such attacks. Whatever be the nature of the attack, the prime stimulant has by far remained the same – to mass destruct in cash, kind, or reputation.
Gone are the days when the world had kidnappers demanding ransom by holding hostages at gunpoint. As we make technological advancements, miscreants are also becoming increasingly sophisticated with their demands and execution mechanisms. Recent attacks such as Wannacry and Petya are only a testimony of how the world is increasingly being conquered by the dark forces and why it is important for the rest of us to step up in defense. Executed exactly 46 days apart, there are a lot of similarities between the two cyber-attacks. First, both are ransom ware which is a fancy term for malicious software that gets injected into the target systems via an infected e-mail attachment. Once opened, it masquerades the system completely and locks it from further usage. What one sees at the end of the attack is a dangerous looking screen screaming out a demand for ransom, while all your precious data (read sensitive proprietary patents, customer information, financial data, and so on,) remain locked behind. Life could never have felt so vulnerable ever before.
There is no dearth of creative ways by which these black hat perpetuators behave. The recent Petya attack is only indicative of this, when hackers hacked the hacking tools developed by the US National Security Agency (NSA) itself. How smart and tongue twisting is that! Smart or not, the virus that initially targeted Ukraine has already now spread across several thousands of systems in a day across Denmark, France, the United Kingdom, and the United States. Moreover, through every infected system a demand of $300 in bit coin has been placed. Compare this against the 230,000 systems infected via the WannaCry ransom ware in May this year. This is problematic, considering further havoc that could result with the distribution of these hacked hacking tools in the black market. The sophistication and the intensity of attacks have only increased manifold. WannaCry can be considered as a test run before the launch of Petya that appears to have more intense motives apart from just monetary gains.
What does all of this imply for manufacturing? With the advent of the Industrial Internet of Things (IIoT) and with the introduction of Information Technology (IT) in the Operational Technology (OT) environments, it only makes our factories increasingly vulnerable to these attacks. Wannacry was able to generate fear in the minds of major public organizations such as NHS, Telefonica, and Nissan. Petya on the other hand has hit banks, telecom, and power companies amongst many others. Several top notch and well-known companies such as Maersk, Rosneft, Merck &Co., Saint Gobain and Deutsche Post have been affected by this attack so far, even as further reports keep trickling in. Ukraine has been the most affected country by far, so much so that the Cherbonyl nuclear power plant had to be switched from automated to manual mode, as a precautionary measure. This auto to manual switch cannot be a feasible solution in the long run, as companies are turning increasingly digital.
It has been discovered now that WannaCry hackers have found a way into the targeted systems through a Microsoft’s Windows XP platform. In a way, attacks similar to this could have been averted had system users been sufficiently aware of the perils in not running security patch updates. The crux of the issue, therefore, boils down to a lack of awareness and a need to suitably pump this up. The other reason for this is that a lot of these compromised systems are age old legacy systems primarily because they are governing and controlling critical infrastructure such as energy and power grids and it is difficult to roll-out updates to such legacy systems. As a result, these attacks have the potential of destabilizing human life resulting in hampering critical infrastructure such as transportation, energy grids, banking, and financial systems.
In the event of these repeated attacks, to summarize, the following are some of the important lessons that we have not learnt (yet):
- Cyber security is fundamental for business continuity and is important for any company to build up brand reputation. Yet, we are still underinvested when it comes to cyber security. We therefore need to invest in next-generation dynamic security management technologies such as enhanced hardware authentication, predictive, adaptive, and behavioural analytics, high level tokenization and encryption and deep machine learning that can help transform security from being reactive to being more predictive and proactive.
- We are still on legacy systems that require a tremendous uplift and makeover. Manufacturing should follow a phase-wise approach, working one machine and system at a time, in batches. Manufacturers should set up dedicated teams that can help with this transition.
- There is still lack of awareness about the need to run security patches. IT workforce in factories need to be sufficiently and regularly educated and trained on the subject.
- Manufacturers should be aware of potential weak links in their system that could serve as entry points for cyber-attacks. Sufficient measures should then be made in securing these points to prevent any impending disaster.
These cyber-attacks should in a way serve as wakeup calls for manufacturers globally. There is general consensus among the industry that machines or systems can no longer be isolated. Connectivity and IIoT will be the route ahead. Yet, the thought of critical data, life, and assets being compromised spares none from feeling jittery. It is, therefore, crucial that manufacturing companies understands the need and importance of investing in cyber security and related research on a continuous on-going basis. We can visualize cyber security as the lifeline for digital factories in days to come; for without cyber security these companies will constantly be vulnerable under the watchful eyes of the black hat perpetuators who are looking at all possible ways to carry out an intrusion.