1 year ago



manufacturing 'WEAPONISATION' OF EVERYDAY DEVICES WITH NEW STRAINS OF RANSOMWARE AND OTHER VULNERABILITIES CREATED EVERY WEEK, WHAT EXACTLY SHOULD MANUFACTURERS BE LOOKING OUT FOR IN THE YEAR AHEAD? consumer technology, which means that some still have the original OpenSSL software installed. A fixed version of the programme has since been released, meaning that manufacturers can avoid this type of attack by simply updating their system," adds Wilkins. KEEPING INDUSTRIAL CONTROL Manufacturers understand the need to protect their networks and corporate systems from attacks, but their industrial control systems also pose a risk. "If an attacker deploys ransomware to lock down manufacturing computers, it could cause long periods of downtime, loss of production and scrap of products that are being made when the attack happens." The only way to avoid a cyber security breach is by planning ahead and preparing for the unexpected, says EU Automation. The advantages of accessing data from smart devices include condition monitoring, predictive analytics and predictive maintenance, all of which can save manufacturers money. However, recent attacks have proved that these connected devices can quickly become weapons, programmed to attack the heart of any business and shut down facilities. In a recent distributed denial of service (DDOS) attack, everyday devices were used to bring down some of the most visited websites in the world, including Twitter, Reddit and AirBNB. ALARM SIGNALS "Such incidents raise a clear alarm signal that manufacturers should run their production line on a separate, highly secure network," says Jonathan Wilkins, marketing director of obsolete industrial parts supplier EU Automation. "For manufacturers that use connected devices, cyber security is even more important, so they should conduct regular cyber security audits and ensure security protocols are in place and up to date." According to the 2016 Manufacturing Report, manufacturers are more susceptible to older attacks, such as Heartbleed and Shellshock. As Wilkins goes on to point out: "These are serious vulnerabilities found in the OpenSSL cryptographic that allows attackers to eavesdrop on communications and steal data directly from users. "Industrial computer systems generally aren't updated or replaced as often as This is particularly true in the era of Industry 4.0, where devices are connected and processes are automated. "One of the most effective means of safeguarding automated production systems is cell protection," he adds. "This form of defence is especially effective against man-in-the-middle attacks, whereby the attacker has the ability to monitor, alter and inject messages in a communications system." UNDER HEAVY ATTACK Last year, alarmingly, IBM reported that manufacturing was the second most cyber-attacked industry. "IBM also stated that cyber security awareness in the manufacturing industry is lower than other sectors," comments Wilkins. "The truth is that any company can be the target of a cyber attack. The only way to avoid a cyber security breach is by planning ahead and preparing for the unexpected." 32 computing security July/August 2017 @CSMagAndAwards

yod TORN BY TOUGH CHOICES ORGANISATIONS FACE A DICHOTOMY - WHILE MOBILE TECHNOLOGY BRINGS OPERATIONAL BENEFITS, IT ALSO INTRODUCES THE COMPROMISE OF NETWORK SECURITY The proliferation of BYOD makes the identification of a threat injected at the core of the network almost impossible, using existing security infrastructure. "The common response to this mobile technology network security threat is to 'lock down' systems, or silo some elements on a device that have permission to run within the enterprise environment," points out Daniel Driver, head of perception cyber security at Chemring Technology Solutions. "This is done at the cost of usability and end-user value - having a negative impact on the productivity benefits of mobile working. Of course, employees will also often find a 'way round', using unapproved devices, resulting in unintentional network security breaches." Whereas the network perimeter has traditionally assumed that no device leaves the network, BYOD has created transient devices that bring a significant grey area into network security management. If the organisation owns the device, it can, of course, add security software to each one; but, if it is the employee's own, this endpoint security approach is ineffective. "Once a mobile device has left a network, the organisation has reduced control over what it does, so it is therefore vital to assume that the security of every device has been breached - and manage network security accordingly. The organisation can no longer focus on simply monitoring what its owned hardware does; it must add a layer of protection to cover all devices that leave the network and re-join later," he adds. To counter today's ever more complex BYOD network security threat, organisations need to review their security tools and fill any visibility gaps. "This may be achieved by adding more advanced tools, such as passive network monitoring systems that sit at the core of the network, which are intelligent enough to constantly identify and classify behaviour to filter out the unusual from the normal," states Driver. "Perimeter and endpoint solutions typically only have the 'now' available to them. While SIEM tools can be used to gather data, over time it becomes nearly impossible to find the needle in such a large pool of big data. As attacks become increasingly intelligent, so the technology used to combat them must match it by identifying and linking malicious activity across months, weeks and minutes." Such a behavioural-based system would deliver the step change needed in the approach and technologies used to combat the ever-evolving network security threat posed by BYOD, he concludes. "As every organisation is different, there is no single silver bullet to the issue of network security. A layered approach will therefore deliver the correct balance of security and usability." @CSMagAndAwards July/August 2017 computing security 33