While digital transformation and IIoT are massively beneficial, if designed poorly and carried out incorrectly, they can create serious threats.

Digitalisation and the adoption of new technologies that enable networking, information flow and data insight, can create vulnerabilities within the Operation Technology network that can be exploited by hackers who are progressively going after vital infrastructure with attacks that can potentially disrupt people’s daily life, such as power generation. This makes attacks on OT networks more critical and damaging than attacks on IT systems.

In the past, industrial environments were thought safe from cyber-attack as OT networks were physically isolated from public networks such the internet or unsecure LAN. With the introduction of digitalisation, this is no longer the case. Digitalisation has merged IT and OT thus giving attackers a wider target to gain access to a facility’s integrated control and safety systems. Hackers today are well aware of the flaws in OT systems and are actively looking for ways to exploit them.

No system is impenetrable, and vulnerabilities will continue to materialise within the OT field. Despite substantial investment, no plant can eliminate its risk exposure. And there’s no silver bullet technology that can eliminate the cyber security risk of the growing OT and IT convergence and human error. Added to this is the fact that cyber threats are constantly changing. With hackers always a step ahead and regulation trying to keep pace, OT cyber security has become a huge challenge for most organisations.

Manufacturing companies planning on a digital transformation must take a holistic approach to their implementation. The approach must include designing and implementing a comprehensive Cyber Security Management System for OT networks, developing a defined OT security policies and procedures, risk assessment, and awareness training.

For comprehensive cyber security management system, the National Cyber Security Centre (NCSC) has published several guidelines to help organisations design and implement a cyber secure and resilient OT Network systems.

5 Cyber Security Design Principles set by the NCSC

1. Establish the context before designing a system

a. You must have a complete insight into all the elements of your system operation so that your protective measures have no blind spots. It is essential that you have a clear idea of the following:

 What is the system for?
 What is needed to operate it?
 Who operates it?
 Which risks are acceptable?
 Which risks are NOT acceptable?

b. Identify potential threats to your system and the capability level of the attacker to who can carry out the threat.
c. Identify your suppliers’ role in creating and preserving system security.
d. Know all the touchpoints at which data are accessed, controlled, and stored.
e. Be clear about how you control, direct, and convey your cyber security risk management activities.
f. Be clear about the roles and responsibilities of everyone involved in designing and operating your OT network system.

To implement this principle requires involvement from all parts of your organisation, particularly the cyber security engineers, IT engineers, functional safety engineers, process control specialists and process control operators.

2. Make Compromise difficult by applying the following concepts and techniques:

a. Don’t trust any external input. Transforms, validate, or render it.
b. Reduce attack surface by only exposing interfaces needed to operate your system.
c. Ensure your service providers are trustworthy and competent.
d. Ensure services and products deployed are suitably designed, configured, and correctly operated.
e. Reduce risks by removing chances for malware to get entry to the administrator’s device
f. Establish accountability by attributing operations to individuals rather than groups
g. Design your system so it’s easy to maintain. A poorly maintained system is vulnerable.
h. Make it easier for operators to use a secure approach. Security breaches often happen because operators used a temporary fix for system inadequacies.

3. Make disruption difficult by employing the following measures:

a. Deploying standby systems.
b. Doing Data back-ups.
c. Designing for scalability.
d. Identify bottlenecks and plan for outages.
e. Include high load and denial of service to your testing strategy.
f. If you’re relying on third-party service, have a plan to minimise disruption if their service fails.

4. Make compromise detection easier by designing your OT system to spot suspicious activity in real-time.

a. Collect all relevant security events and logs in real-time.
b. Simplify communications flows between devices. This will make security analysis simpler.
c. Keep monitoring independent from the system being monitored.
d. Establish a baseline for normal to detect anomalies in your system.

5. Reduce the impact of compromise by making it difficult for attackers to exploit your system in the event that they gained access to your system.

a. Segment assets on your network to contain the compromise.
b. Remove unnecessary functionality from software or production systems.
c. Be wary of creating management bypass.
d. Design a system that allows you to quickly rebuild to a verified clean state after you’ve resolved the fault that led to the compromise.
e. Anonymise exported data, and don’t rely on reporting tools to carry out the process. Maintain control of the process and implement your controls to anonymise data as close to the source as possible.
f. Don't design functionality or deploy applications that allow arbitrary queries against your data.

For further guidelines and information on cyber security, visit the National Cyber Security Centre.

Digital transformation is inevitable and IIoT is here to stay. Your organisation can embrace it now or later. But you must be prepared for it, all the same.

In 2020, failure to deploy security automation cost companies 6.03 million U.S. dollars on average, while companies with fully deployed security automation spent less at 2.45 million U.S. dollars on average.

Last year, cybersecurity researchers discovered vulnerabilities in some of Schneider Electric’s product including Modicon M580 and M340 PLCs. These vulnerabilities enable attackers to bypass security tools installed on these PLCs and exploit the undocumented Modbus commands to gain complete control of the plc.

Using these commands attackers can take over the plc, gain native code execution on the device and make changes to the operation of the plc, while hiding the changes from the engineering workstation that manages it.

Since the discovery, Schneider had been working on a patch which is expected to be released Q4 of 2021. In the meantime, SE had released a security advisory on 13 July 2021 for users of M580 and M340 to help protect their system from possible attack.

Find the Schneider Electric security advisory here.