Featured Image

Manufacturing is Under Attack

Many in our industry are aware of the recent cyberattacks on Colonial Pipeline and JBS Foods. Both situations were ransomware attacks where the “bad actors” took control of all, or part, of the businesses’ computing resources until the ransom was paid.
Jul 29, 2021

Many in our industry are aware of the recent cyberattacks on Colonial Pipeline and JBS Foods. Both situations were ransomware attacks where the “bad actors” took control of all, or part, of the businesses’ computing resources until the ransom was paid. In these cases, the ransom was $5 million and $11 million each – not insignificant amounts. While such attacks are devasting to a company, this type of attack is especially cruel since there are no guarantees that anything will be restored by the attackers after receiving the ransom.

While these attacks were prominently reported in the news media, they represent only the very tip of a much broader issue for manufacturing operations – actually, a much broader issue for all companies, government agencies, and individuals. Historically, the largest network security issue for most manufacturing operations was the introduction and propagation of computer viruses in production equipment. Broader security issues were relegated to the IT (information technology) department, where significant resources were expended to protect business systems from a wide array of security threats. Generally, manufacturing networks received nominal IT support other than the IT department’s best efforts in isolating the manufacturing network from the balance of the company’s systems. 

With the evolution and growth of digital manufacturing technology, this situation is changing. Manufacturing network systems are becoming as advanced as the IT networks found in other parts of the business. These networks involve many of the same computing technologies and numbers of connections – and in many cases more connections – as traditional IT networks. As these networks grow in complexity, they also become subject to the same security threats found in other parts of the business. 

While IT networks and digital manufacturing networks share many of the same technologies and consequently the same risks, there are significant differences in these two network environments which dictate that traditional IT network policies, procedures, and security implementations cannot easily be applied to manufacturing networks. To differentiate between these two network environments, manufacturing networks are designated as OT (operational technology) networks. 

The two biggest differences between IT and OT networks are (1) the age of equipment and other technologies connected to these networks and (2) the different operational characteristics of manufacturing systems. Typically, 20%-25% of the equipment connected to an IT network is replaced or upgraded every year – meaning most equipment on those networks is less than four to five years old. For manufacturing equipment, typically only 3%-4% of equipment is replaced annually – meaning it is not uncommon to find 20-to-30-year-old equipment connected to an OT network. Many of the security technologies applied in an IT network are incompatible with much of the equipment in the manufacturing environment. Additionally, normal IT security procedures, such as software updates, reboots, password changes, logon/logoff policies, etc., are generally not compatible with the operation of many manufacturing systems. 

Solutions for protecting manufacturing equipment from cybersecurity threats are evolving, but many of the current solutions are not ideal. AMT is undertaking a project to identify key factors associated with OT network security and related topics to be addressed in support of the growth of digital manufacturing. The outputs of this project are intended to raise awareness of cybersecurity threats to the manufacturing environment, identify resources to assist companies in addressing cybersecurity threats, and foster increased collaboration between equipment and control system suppliers and the companies deploying those systems in their manufacturing operations. 

John Turner
Director of Technology for FA Consulting & Technology (FAC&T) and member of the MTConnect Institute.
Recent technology News
One of the biggest threats to a company’s cybersecurity is its employees. Promoting cybersecurity means focusing on reducing human error and promoting cyber hygiene.
Collaboration = manufacturing. Check your chips. Who doesn’t like new materials? 5G in manufacturing. We are living in the future.
Meta manufacturing. Modest comeback in factory jobs. 5G-enabled students. Augmented reality isn’t dead yet. Bing is back.
Check in for the highlights, headlines, and hijinks that matter to manufacturing. These lean news items keep you updated on the latest developments.
Challenges faced by manufacturers. No more greasing ball bearings??? In-field inspection. Making additive more better. Automating customers.
Similar News
By Michelle Edmonson, CEM | Sep 25, 2023

Buckle up and join Max and Travis Egan as they talk about the thrills of visiting innovative automotive companies in the premiere of the third season of “Manufacturing Explorers,” an IMTS+ Original Series.

4 min
By Peter R. Eelman | Sep 28, 2023

The industry has witnessed remarkable advancements empowering manufacturers to think differently and create unprecedented solutions.

6 min
By Gary Vasilash | Sep 27, 2023

If you want to be a supplier to many major companies, then sign on to environmental practices. A great way to get started that can be hugely beneficial is to pull out that lean production manual that may be collecting dust on an office shelf.

10 min