Smart factories, smart sensors, and the Internet of Things are blurring the line between digital and physical worlds — making cyberattacks more dangerous than ever.
The global smart factories market is booming. Valued at $270.74 billion in 2020, it is forecasted to reach $461.82 Billion by 2026. Europe is leading the charge, with the five most advanced factories in the world operating there.
Smart factories — arguably the most data-intensive division of industry 4.0 manufacturing and often entirely unmanned smart facilities — require a tremendous amount of connectivity to function. By 2022, machine-to-machine connections might comprise more than half of the worldwide 28.5 billion interconnected gadgets.
That interoperability brings about revolutionary manufacturing opportunities — but also novel cybersecurity risks.
The blurred borders
In 2009, centrifuges in an Iranian nuclear enrichment plant mysteriously spun out of control. A Belarusian team of cybersecurity experts was called in to investigate the incident. Their disconcerting discovery later came to be known as Stuxnet — a malware that escaped its digital realm and inflicted tangible destruction in the physical world.
We’re used to separating our hardware and software into distinctly separate domains. Operational technology (OT) is your floor machinery, and the IT network is your business functions, like accounting. That’s changing now.
Interoperability is the key to the roll-out of industry 4.0. All physical and software components, from machine sensors to the cloud must be in constant communication. Our current cybersecurity relies on intrusion detection systems and firewalls, which usually do their thing. But we need a much greater security scope to protect all the data, hardware, and software that goes into Industry 4.0 facilities.
For example, taking operational technology components online exposes industrial control systems, such as programmable logic controllers and supervisory control and data acquisition systems, used to manage the behavior of machines. Before, these components existed offline or in an isolated network, but with advanced manufacturing they become susceptible to outside threats, like network floods, that grow more powerful through the widespread use of connected IoT devices and botnets.
Industrial verticals depend on thousands of IoT devices to power smart manufacturing. Threat actors, on the other hand, use IoT botnets to launch some of the most devastating attacks. That’s a vicious cycle.
With lifespans of up to 30 years, a lot of existing machinery is outdated, which creates its own security challenges. Using older operating systems, many pieces of equipment have long stopped receiving updates and are more vulnerable to malware. It is going to be a long road to upgrade and connect these older tools, some of them still running Windows XP.
Meanwhile, the DDoS threat is looming on the horizon. According to one report, as many as 75% of manufacturers have been subject to DDoS attacks in 2020. And while 82% of the study respondents acknowledged the need for increased DDoS protection, the existing countermeasures are not enough for effective mitigation.
Of the same study, 31% of respondents said that they don’t use automation for their network security policy management, while only 39% forward useful data to security information event management tools. Most alarmingly, only 34% utilize internal DNS traffic for filtering, which is far more effective than relying solely on external filtering lists. The statistics above paints a picture of an industry barely able to cope with the current security requirements, if at all, let alone operate safely in the industry 4.0 landscape.
When a DDoS attack hits, some manufacturers respond by shutting down affected or, more rarely, all processes. The losses sustained from downtime are enormous, averaging at $825,000 per attack.
Worse yet, industry 4.0 infrastructure may be interdependent, supply chains managed dynamically by data received from production machinery. Chances are, there will not be this failsafe in the future, because local disruptions will affect the whole enterprise: the supply chain, the stakeholders, the customers, and all.
To make industry 4.0 infrastructure truly secure from cyberthreats — and DDoS in particular — we must incorporate cybersecurity by design, not implement it as an afterthought. It will require a tremendous amount of funding, manpower, and time.
With global cybersecurity efforts lagging, the outlook may seem grim, but there is still time to turn the situation around. We just have to recognize how serious the problem is.