give us cause for concern. According to Verizon’s Data Breach Investigations Report which analysed fi gures from 2017, manufacturing suff ered 42 known breaches and 389 cyber-incidents of various types, not far behind sectors like healthcare and fi nance. About 90% of these originated with external hacking rather than an internal compromise or misconfi guration and, importantly, Verizon believes that 86% were targeted attacks custom-designed to penetrate specifi c companies. “Since, overall, the vast majority of attacks are opportunistic in nature, this fi nding underlines the point that criminals go after certain manufacturing entities with a very specifi c purpose in mind,” the report stated. These fi gures don’t tell us much about how vulnerable IIoT and OT might be to cyber attack; but they do underline that the motive to target them is already well-established for a range of reasons – including geo-political advantage and fi nancial gain.


HOW ATTACKS MIGHT UNFOLD Looking at recent events, it’s clear that the obvious template for attacks is probably targeted cyber- extortion, which scores a maximum 10 on both scales. A warning of how unpleasant this can be was


delivered by what happened to the city of Atlanta in March 2018. Like every city in the developed world, Atlanta and its citizens depend on online services that make available simple applications such as parking, bill payment, court appearances, and a miscellany of local government bureaucracy. Using a hacking-to-ransomware platform called SamSam, the attackers burrowed into the city’s network to encrypt and hold a suite of applications hostage. With the ransom demand for $51,000 (£39,000) apparently unmet, the attack eventually cost a reported $2.6m to clean up. SamSam was


blamed for other attacks during 2018, including – perhaps most worrying of all from an industrial point of view – on the ports of Barcelona and San Diego. The lesson is that if such a thing can befall a city or port the same thing can happen to any institution, organisation, or critical asset, including a factory, industrial process or supply chain in which even a few hours of downtime can be crippling. Size


There are now just as many forces that might seek to disrupt OT and the IIoT as benefi t from them.


and importance no longer seem to be a protection indeed the opposite might now be true. It’s my view that IIoT systems are still often not well-defended by use of anything that resembles a mature security model. There are simply too many ways in – often the legacies of past security design mistakes. Industrial networks supporting IIoT are not likely to be built from scratch and will depend on an organisation’s established network security and protocols. A fundamental problem is that by its nature, IIoT and


OT increase the number of devices communicating using Internet protocols attackers can aim at. All an attacker has to do is fi nd a weak point or protocol – Remote Desktop Protocol (RDP) was SamSam’s chosen method of entry – from which to build a deeper incursion into the target network. This should give anyone planning to implement IIoT and OT pause for thought. It falls to the professionals tasked with defending Industry 4.0 to build their defences from the ground up if the next wave of industrial technology is to fulfi l its promise. Jörg Schuler (pictured left) is OT Cyber Security Portfolio Manager at Airbus CyberSecurity.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53