This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Securing your production facility

02 April 2018

Derek Lane, automation manager at WAGO, lists the top 10 threats to automation systems used by small and medium enterprises (SMEs), such as those operating in the food and beverage sector. 

The top 10 threats to automation systems from cyber attacks are:

1. Social engineering and phishing
2. Introducing malware via removable media and external hardware
3. Infection with malware via Internet and intranet
4. Incursion via remote maintenance access
5. Human misconduct and sabotage
6. Control components connected to the Internet
7. Technical misconduct and force majeure
8. Compromising extranet and cloud components
9. (Distributed) Denial of service attacks
10. Compromising smartphones in the production environment.

A recent whitepaper from WAGO offers a 10-point plan for SMEs to protect both IT (information technology) and OT (operational technology) from cyber intrusion. These steps include:

1. Management commitment
2. Organisation of the responsibilities and processes
3. Creating guidelines
4. Training staff
5. Acquiring and providing knowledge
6. Identifying, evaluating, and protecting the assets
7. Regulating external access to production facilities
8. Data backup
9. Handling malfunctions and failures
10. Handling IT security incidents

All of these steps are clearly important, but within ‘step 6’ is a robust process that can significantly counter any attack. Effective implementation of this step will typically result in a ‘defence-in-depth’ approach – analysing where threats are likely to come from and taking appropriate and proportionate measures to protect against them.

Defence-in-depth involves taking a holistic approach to cyber security, considering human, procedural and structural factors as well as technical ones. Much like a castle might have a moat, drawbridge, portcullis, high walls and turrets, no single one of these will deter all attacks on their own.

Defence-in-depth is predicated on the notion that if one layer is breached, others can either thwart an attack outright, or buy enough time for an organisation to detect and respond.

Take, for example, a production facility consisting of plant floor, control room and office area. The first step in a defence-in-depth approach could be to guard against physical intrusion. A security fence may seem primitive, but it also may be enough to deter an attacker. Bear in mind that an intruder armed only with a USB stick can potentially bring a whole company down. Access control for restricted areas is another option that should be considered.

The second step might be to use additional firewalls to establish virtual barriers between each section of the facility. The plant floor can be further subdivided using more firewalls to isolate them from the control room, which can in turn be isolated from the back office. Even dividing the plant floor into two can potentially half the damage caused by a cyber-attack. For SMEs, this can mean the difference between ruin and recovery.

A third step could be network monitoring. One way of doing this is to set up a honey pot – an isolated point on the network which is kept deliberately accessible. This can lure attackers in with the bait of seemingly valuable resources, which can be used to monitor unauthorised activity, see how attackers behave, and improve security accordingly.

There is no single magic bullet for effective cyber security, and there are many other options and types of protection available, but just with these three simple steps, our hypothetical facility now has a multi-layered defence-in-depth strategy.

A Whitepaper entitled ‘IT Security in Production facilities’ can be downloaded here:

Derek Lane is automation manager at WAGO.

Contact Details and Archive...

Print this page | E-mail this page