One place where Internet of Things (IoT) technology seems to make the most sense is on the factory floor. The industrial IoT, or IIoT, is a concept for fleshing out industrial control systems (ICS) with embedded intelligence, using connected and interoperable sensors and devices to convey information on machine performance and functional parameters. It is clearly capable of giving plant operators real-time insights about their systems to an extent they’ve never had before. This makes the IIoT critical for the further development of U.S.-based manufacturing generally and for the future prospects of your best industrial customers. With the new technology, however, come new risks to your customers’ business.
To gain the benefits of the IIoT, industrial control systems have evolved rapidly from isolated supervisory control and data acquisition (SCADA) systems into much more information-rich networks that feed system performance data into higher-level IT systems supporting operations and the enterprise as a whole. Along the way, this better connectivity often erases the traditional air gap that has protected the industrial network from the IT network. Many IIoT technologies lack protections to make sure devices cannot be exploited by hackers, increasing the risk that these devices might expose the ICS to attack.
For electrical distributors active in the industrial market, staying on top of reports of new attacks and discoveries of vulnerabilities has become a critical matter. Although industrial control system salespeople aren’t the ones tasked with protecting their customers’ systems, they must be conversant in the basic best practices of factory cybersecurity and they must be ready to move quickly with solid information when a vulnerability related to their devices and systems emerges.
In the broadest sense, basic best practices in computer network security are becoming common sense, like basic hygiene. Wash your hands, update your software and change your passwords. But beyond that, anyone in the ICS space needs to be aware of the evolving threats.
Being proactive and knowing where to go and who to bring in reinforces the distributor’s value as a source of assistance in a crisis. Here is a general overview of the state of ICS cybersecurity and a collection of resources to help you stay abreast of this rapidly changing landscape of industrial cybersecurity threats.
Manufacturers. Your manufacturers are your best first resource for insight on security concerns involving their equipment. Device-level security is a key priority for any manufacturer invested in the industrial control space and new standards are coming online that aim to help. The International Society of Automation (ISA) ISA99 committee, which is focused on industrial control system security and helps create the ISA/IEC 62443 series of standards, introduced a new standard in March for developing industrial control products that are “cybersecure by design.” The new standard is designed to provide a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems.
NIST Cybersecurity Framework. The National Institute of Standards and Technology (NIST) last month released the latest version (1.1) of its Framework for Improving Critical Infrastructure Cybersecurity, which many organizations use when developing their cybersecurity practices. The framework focuses on using business drivers to guide cybersecurity activities and considers cybersecurity risks as part of the organization’s risk management processes. It provides a common organizing structure for multiple approaches to cybersecurity by assembling standards, guidelines, and practices that are working effectively today. Even customers that wouldn’t necessarily fall into the critical infrastructure category find this a key resource for identifying best practices in managing the risk. Cybersecurity will always be a moving target, but having a view to the baselines and best practices will help you understand what your customers are up against.
DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The U.S. Department of Homeland Security (DHS) has its National Cybersecurity and Communications Integration Center (NCCIC) and Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which publish vulnerabilities as they’re discovered. This is a key resource for staying abreast of new vulnerabilities.
Security specialists. Many firms that specialize in ICS cybersecurity provide frequent reports on evolving threats. According to several security firms and security-specialist publications, the industrial control market should expect more sophisticated ransomware and increased threats due to device-level vulnerabilities in the Industrial Internet of Things (IIoT).
The Kaspersky Lab ICS-CERT team, in a report published this spring, characterized the landscape of threats in 2017 as “one of the most intensive in terms of incidents affecting the information security of industrial systems.” Its forecast of the threats to industrial control systems for 2018 looks for an increase in targeted attacks. Kaspersky said it has seen ICS-targeting modules included in malware platforms and frameworks, specialized software designed to automate malicious impact on industrial systems, and several other trends that point to someone targeting ICS.
Internal specialists. Any industrial electrical distributor needs to have someone on the team whose job includes keeping a handle on the state of the security landscape and relaying relevant developments to everyone involved in industrial control system sales.
In today’s rapidly evolving industrial cybersecurity landscape, knowing about new attacks and new vulnerabilities as early as possible will be a key point in both keeping customers’ control systems safe and helping them gain maximum benefit from the technologies that help them be more competitive.