As technology advances and factories seek newer heights of productivity by employing these advances, we’ve seen the manufacturing sector as a whole grow more and more digitized. AI, 3D printing, robotics, industrial computers, the list of new innovations the industrial space has implemented is ever-growing for better or for worse.
Unfortunately, technological progress can oft be a double-edged sword when it comes to businesses with sensitive data that needs protection.
As this digital metamorphosis of the industrial space occurs, several more avenues of cyberattack have become available. According to a Website Security Report published by SiteLock, cyberattacks in 2018 on websites alone increased by a whopping 59%.
Now, that SOUNDS scary, sure. But what exactly are the implications of a digital offensive to a factory owner with a modernized operation?
What is a Cyberattack?
Article Guide
Cyberattacks are coordinated assaults carried out primarily through the internet that target the general public or corporate organizations. Their primary methods include: spreading harmful programs (viruses), accessing websites without authorization, or theft of information belonging to personal or corporate targets. In the case of cyberattacks specifically against manufacturers, criminals are often looking to steal intellectual properties or seeking to disrupt operations such as supply chains.
Cyberattacks have been around for as long as the internet. What makes them more of an immediate concern nowadays, however, is the digitization of the manufacturing industry we mentioned earlier. Because cyberattacks can target anything with network capabilities, factories develop more chinks in their proverbial armor the more they integrate interconnected tech into their facilities.
Take the recent example of Strava Labs in 2017, for instance. Strava Labs was a fitness-tracking app that released a heat map depicting everyone that used their software in a blog post. The post was intended to flex (no pun intended) just how wide-spanning their user base was. Unfortunately, that harmless sentiment resulted in Strava Labs accidentally revealing the location, layout, and staffing of a secret US military base that used the app for training their soldiers. In response, experts immediately realized that sensitive information such as this was ripe for the taking if a cybercriminal were to target, say, the wearable fitness-tracking devices worn in a military base.
And that’s the scary thing about cyberattacks- all it takes is one doorway, one piece of hardware with network capabilities to be compromised. And once that doorway is opened, it can be used as a launching point for further attacks on nearby computers or phones with more personal information.
So what are manufacturers supposed to do? Not innovate? Not employ exciting new technology towards streamlining operations and delivering better product? Of course not.
Factories need only take the proper precautions against cyberattacks before they happen. “The best offense is a good defense,” as the adage always says.
Use Software and Hardware Firewalls
Surprise, surprise, firewalls do quite a bit of heavy lifting when it comes to enhancing your cybersecurity. Firewalls are designed to prevent unwelcome access to a private network and should be the first line of defense you employ when looking to patch up any blemishes in your security. Not only do they thwart hackers looking to get their hands on important information, they can also be used to prevent employees from browsing less than trustworthy websites that could be harboring malware.
Software firewalls are surely a non-negotiable when it comes to cybersecurity, but they’re nowhere near an end all solution. Because they exist within the same system where sensitive data is stored, often times when a cybercriminal has reached your software firewall, they’ve already penetrated your network. That’s where a hardware firewall can provide that extra, sometimes crucial, layer of defense.
Where a software firewall is something individually installed on single computers, hardware firewalls are separate pieces of, well, hardware that connect directly to your router and cable modem. This physical connection essentially means a hardware firewall can provide blanket protection for every piece of tech connected to your network.
The ideal setup for a manufacturer interested in boosting their cyber defense would be one that includes both of these firewalls. You’ll also want to make sure that off-site employees are using computers and hardware that are outfitted with your preferred firewall software.
Educate Your Employees
Your interconnected tech isn’t the only entry point for a cybercriminal. Every one of your employees on the factory floor is filled with valuable information ready for the taking if they aren’t careful.
Chubb’s released a 2019 Cyber Risk Survey in which only 31% of their respondents claimed their employer provided them with annual training against cybersecurity threats. A stunning number to be sure when you consider just how much more vulnerable businesses of all industries are in the current digital age.
Sometimes just being aware that cybersecurity threats exist can be enough for an employee to be a little more conscious about the information they give away online and outside of work. If you want to delve a little deeper into your curriculum however, there are a few key points you should cover.
- Different kinds of cybersecurity threats (phishing, spamming, malware, ransomware)
- How to identify potentially dangerous spam content
- Password security
- Company policies and guidelines for email, social platforms, and internet use
- Company data protection policies
- How to report cybersecurity threats
These topics should arm your employees with plenty of knowledge they can use to better protect against and identify potential cyberattacks. If possible, you can make this training part of the onboarding process for new hires with the caveat, of course, of updating the curriculum and repeating it every year or so. Repetition is the key to forming habits after all.
Keeping your cybersecurity training updated and relevant can also keep your employees informed about the newest schemes, tactics, and forms of cyberattack as they become known.
Update Your Operating Systems Regularly
Speaking of things that need to be updated regularly, all operating systems and software used by your devices on the floor need to be routinely patched to ensure you have all of their latest security features. Updates are responsible for quite a few quality-of-life changes, the most noticeable being the patching up of security holes, added security features, and the removal of old unprotected features.
Of course, boosted efficiency and performance is just gravy on top of all of these enhanced security features.
Be sure to schedule your devices, computers, and industrial grade tablets for regular updates. This will ensure cybercriminals can’t exploit known deficiencies in outdated versions of operating systems. More often than not, there are options in your settings for these pieces of tech that allow for them to be updated automatically as soon as updates are available.
Also, if you plan on purchasing new computers or installing new software, be sure to check and see if those products are still supported. Vendors aren’t required to provide security updates for unsupported products. To that end, investing in solutions that have a longer product lifespan might be smarter than purchasing something consumer-grade that’ll be made obsolete and given less updates in a year’s time.
Monitor and Authenticate Detection Logs
Part of keeping track of your employees is making sure they aren’t visiting sketchy sites that could be compromising your cybersecurity. Fortunately, a majority of malware protection software comes with logging capabilities that allow you to do just that. Be sure to check any user manuals and learn how you can leverage your software to: identify suspicious activity with your logs, maintain log records should an investigation occur, and back up your logs.
You’ll also want to make sure the people logging into your system are people you WANT logging into your system. Single sign on (SSO) authentication hardware such as RFID scanners, CAC readers, and biometrics can go a long way towards confirming the identity of your employees as well as tracking logs you’ll need should the unfortunate happen and an investigation be launched.
Outpacing Cyberattack Advancements
Technology shows no signs of slowing down and neither do cybercriminals. Fortunately, factories and businesses don’t need to slow down either when it comes to cyber defense.
More advanced hardware, software, and education are always being developed to counter the newest, craftiest methods of cyberattack. Doing your due diligence and keeping up with the cybersecurity best practices for your industry can go a long way towards keeping your sensitive information where it belongs, on your system and no one else’s.
If you’d like to learn more about how you can incorporate these practices into your factory floor, reach out to a Cybernet expert today.
The Use of Industrial Computers in the Aerospace Sector
September 17, 2015
Over recent years, industrial computers have come to take on a critical role in a number of professions. The aerospace industry is one sector that has come to rely on the use of these devices to address a number of…
0 Comments4 Minutes
Use of Industrial Computers in the Aerospace Sector
August 24, 2018
Few industries are more exciting or hold more potential for the future than aerospace: a merging of science, business and engineering to literally reach the skies. When most people think of the term, they think of…
0 Comments9 Minutes
You Can't
Learn from a Pop-up
But we can deliver knowledge to your inbox!
We dive deep in the industry looking for new trends, technology, news, and updates. We're happy to share them with you.
Knowledge, News, and Industry Updates Right in Your Inbox
