Well before the dawn of the Internet age, security flaws were discovered in computers and exploited - first with attacks on data within the computer itself and soon after on computers connected to a network. Historically, cybersecurity threats have kept pace with the advancements in information technology and cybersecurity defenses, like antivirus software. Once computers were connected to the Internet and began exchanging data, cybercrimes substantially changed, along with the mechanisms to prevent it.
In 1988, a Cornell University computer science graduate student unleashed an Internet-based computer worm, infecting approximately 6,000 mainframes, mini-computers, and workstations connected to the Internet with a malicious code that brought computer performance down to a crawl. His motive, he later admitted, was "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects he had discovered.โ[1]
This relatively innocuous cybercrime, in retrospect, was a forebearer of the extensive cybercriminal activity to come, as the Internet and digital transformations occurring in all sectors of life gave rise to cleverly conceived cyberattacks in the form of malicious viruses, network intrusions, malware, ransomware, data breaches, and the like.
Early in the connected world, cybercriminals targeted computer information systems, networks, and personal computer devices looking to steal data like passwords and login credentials, credit card and financial data, and even private medical information. A few of the more publicized incidents include Stuxnet [2} in 2010, which was the first cyberweapon meant to cause physical damage. In this case, Stuxnet was thought to have destroyed 20 percent of the centrifuges used in Iran for creating its nuclear arsenal.
The 2017 WannaCry [3} ransomware attack affected approximately 200,000 computers in 150 countries, while the NotPetya [4] attack, which originated in Ukraine, destroyed thousands of computers across 60 countries. The manufacturing industry was touched by NotPetya as well, when Mondelez [5], a multination food and beverage company, lost thousands of computers as a result of the attack - impacting production facilities around the globe, aswell as the companyโs ability to complete customer orders.
The Manufacturing Impact
While cyberattacks are pervasive across most every industry, manufacturing processes, in particular, stand out as prime targets for such threats, making it imperative for manufacturers to grasp the risks posed by cyberattacks and understand the protective measures available.
According to a 2022 survey conducted by Barracuda Networks [6], more than 90 percent acknowledged they experienced a security incident in the past year that had a significant impact on their organization. The reported incidents involved a wide range of attacks, with web application, malicious external hardware/removable media, and distributed denial of service attacks being the most frequent
With the extensive digital transformations occurring in the manufacturing sector, the cyberthreat attack surface has expanded exponentially. This makes cybersecurity of paramount importance to manufacturers of all sizes, regardless of the level of digital transformation undergone by the company.
The explosive growth of digital transformation in the industrial sector, characterized by the term Industry 4.0, is at the core of the cybersecurity discussion for connected, smart manufacturers and digital supply networks. These smart systems are programmed to collect and share data, make decisions that trigger actions, and independently control processes. Moreover, the newfound integration of artificial intelligence and machine learning technologies in Industrial IoT applications like machine vision, robotics, and predictive maintenance, makes an ever-increasing amount of critical data vulnerable, and puts industrial processes at further risk.
For example, additive manufacturing processes are beginning to integrate various AI and machine learning-based algorithms to exploit the full potential of the 3D technology. The trained printing model that grows from the machine learning process becomes the intellectual property of the manufacturer and must be protected from inadvertent modifications, or even intentional attacks. There could be counterfeiters trying to build similar systems by abusing the property of the original maker, or there might even be outright saboteurs who want to manipulate what the system can produce in practice. [7]
An even more malicious attack to a serial production line is the manipulation of the output itself. For example, a remote hack could manipulate the settings in a robotic production process to keep some bolts loose while overtightening others in a finished product. As a result, unsafe products could enter the market with the need for expensive recalls and threats of litigation.
As Industry 4.0 technologies continue to evolve, so will the blurring of the boundaries between operational technology and information technology. As critical manufacturing data travels outside the boundaries of the traditional factory, access rights and policies will need to be managed across the entire organization, which will necessarily lead to a more closely aligned IT and OT environment.
The convergence of IT/OT systems and processes, while enabling new levels of manufacturing efficiencies and productivity to the factory floor, will bring new stakeholders into the security environment. IT security teams and processes must now incorporate the diverse real-time demands of distributed industrial environments.
There is no doubt that IT/OT technologies will continue to evolve, as will the nature and mechanisms for cybercrimes, whether it will be to steal IP, disrupt operations, or wreak havoc in other ways. Cybersecurity technologies and preventive measures will need to evolve as well, beyond simply reacting to issues as they occur, but rather enabled by a built-in cybersecurity-by-design approach to new Industry 4.0 innovations.
Marcellus Buchheit is co-founder and Chairman of the Board of WIBU-SYSTEMS AG in Karlsruhe, Germany. He currently serves as the President and CEO of Wibu-Systems USA, Inc., located in Edmonds, WA where he resides.
Citations
- Morris Worm, Cornell Commission Findings https://www.cs.cornell.edu/courses/cs1110/2009sp/assignments/a1/p706-eisenberg.pdf
- Stuxnet Dossier https://www.wired.com/images_blogs/threatlevel/2010/11/w32_stuxnet_dossier.pdf
- WannaCry Ransomware Attack https://www.vox.com/new-money/2017/5/15/15641196/wannacry-ransomware-windows-xp
- NotPeyta Attack https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
- NotPeyta Attack on Mondelez https://www.industrialcybersecuritypulse.com/facilities/throwback-attack-the-notpetya-malware-causes-serious-damage-to-snack-giant-mondelez/
- The State of Industrial Security 2022 https://assets.barracuda.com/assets/docs/dms/NetSec_Report_The_State_of_IIoT_final.pdf
- Softwareโs Turn: Increasing the Dependability of 3D Printing, Industrial Print Magazine, April 2023 https://industrialprintmagazine.com/softwares-turn/