The cyber path forward for manufacturers
In February, Toyota halted production in all 14 of its Japanese plants after a significant parts supplier fell victim to a cyber attack. As manufacturers continue their journey towards digital transformation, Christina Hoefer, VP, Global Industrial Enterprise, Forescout Technologies, explains how they can improve the security of their connected environments.
The target of the Toyota attack was Kojima Press Industry Co., which manufactures metal, plastic and electronic components for vehicles, but it indirectly impacted Toyota’s just-in-time production control system. To prevent the infection spreading to other network components, the car manufacturer made the decision to halt production, which resulted in a five percent drop in car production and significant financial losses for the company.
The attack also demonstrated the true impact of supply chain attacks on manufacturers. As connectivity in their operational environments grows and interdependency chains with suppliers become more embedded in their networks, devastating and production halting cyber attacks are becoming a greater risk.
Hackers have discovered that by compromising production of key suppliers they can also shut down operations for their customers. The convergence of IT, Internet of Things (IoT) and operational technology (OT) systems, including industrial control systems (ICS), often plays a major role in supply chain attacks – and, more commonly internal, non-malicious cyber risks.
Given this heightened risk, how can manufacturers improve the security of their connected environments?
The digitalisation of manufacturing
For decades, IT and OT were seen as separate entities within organisations. In keeping with practices first defined by the Purdue Enterprise Reference Architecture, the two systems were entirely air gapped to never impact one another. While this separation kept OT networks more protected, today digital transformation efforts have merged the networks to improve efficiency, cut costs and improve safety for plant employees, but it has also raised the cyber stakes.
Digital transformation is underpinned by the convergence of OT and IT systems. Convergence doesn’t mean IT and OT systems and processes are collapsed into a single, flat system, but information is shared to allow them to interoperate. For manufacturers, the challenge is how to securely connect IT and OT systems that need to communicate, while preventing those that don’t from doing so. Oftentimes, unwanted communication links go unchecked and vulnerabilities hide in plain sight based on the assumption that OT and IT are separated when they are not. Such assumptions increase the chance that malware on one network may spread and impact other networks.
When thinking about manufacturing cybersecurity challenges, the issues most frequently faced include:
Cyber security best practices for manufacturers
When rolling out new digitalisation projects, organisations can prepare by following best practices such as the NIST Cyber security Framework, which outlines how to identify, protect, detect, respond and recover from threats. The following recommendations align with this framework and they are based on more than a decade of industrial threat research and experience:
