Featured Image

Manufacturing is Under Attack

Many in our industry are aware of the recent cyberattacks on Colonial Pipeline and JBS Foods. Both situations were ransomware attacks where the “bad actors” took control of all, or part, of the businesses’ computing resources until the ransom was paid.
Jul 29, 2021

Many in our industry are aware of the recent cyberattacks on Colonial Pipeline and JBS Foods. Both situations were ransomware attacks where the “bad actors” took control of all, or part, of the businesses’ computing resources until the ransom was paid. In these cases, the ransom was $5 million and $11 million each – not insignificant amounts. While such attacks are devasting to a company, this type of attack is especially cruel since there are no guarantees that anything will be restored by the attackers after receiving the ransom.

While these attacks were prominently reported in the news media, they represent only the very tip of a much broader issue for manufacturing operations – actually, a much broader issue for all companies, government agencies, and individuals. Historically, the largest network security issue for most manufacturing operations was the introduction and propagation of computer viruses in production equipment. Broader security issues were relegated to the IT (information technology) department, where significant resources were expended to protect business systems from a wide array of security threats. Generally, manufacturing networks received nominal IT support other than the IT department’s best efforts in isolating the manufacturing network from the balance of the company’s systems. 

With the evolution and growth of digital manufacturing technology, this situation is changing. Manufacturing network systems are becoming as advanced as the IT networks found in other parts of the business. These networks involve many of the same computing technologies and numbers of connections – and in many cases more connections – as traditional IT networks. As these networks grow in complexity, they also become subject to the same security threats found in other parts of the business. 

While IT networks and digital manufacturing networks share many of the same technologies and consequently the same risks, there are significant differences in these two network environments which dictate that traditional IT network policies, procedures, and security implementations cannot easily be applied to manufacturing networks. To differentiate between these two network environments, manufacturing networks are designated as OT (operational technology) networks. 

The two biggest differences between IT and OT networks are (1) the age of equipment and other technologies connected to these networks and (2) the different operational characteristics of manufacturing systems. Typically, 20%-25% of the equipment connected to an IT network is replaced or upgraded every year – meaning most equipment on those networks is less than four to five years old. For manufacturing equipment, typically only 3%-4% of equipment is replaced annually – meaning it is not uncommon to find 20-to-30-year-old equipment connected to an OT network. Many of the security technologies applied in an IT network are incompatible with much of the equipment in the manufacturing environment. Additionally, normal IT security procedures, such as software updates, reboots, password changes, logon/logoff policies, etc., are generally not compatible with the operation of many manufacturing systems. 

Solutions for protecting manufacturing equipment from cybersecurity threats are evolving, but many of the current solutions are not ideal. AMT is undertaking a project to identify key factors associated with OT network security and related topics to be addressed in support of the growth of digital manufacturing. The outputs of this project are intended to raise awareness of cybersecurity threats to the manufacturing environment, identify resources to assist companies in addressing cybersecurity threats, and foster increased collaboration between equipment and control system suppliers and the companies deploying those systems in their manufacturing operations. 

John Turner
Director of Technology for FA Consulting & Technology (FAC&T) and member of the MTConnect Institute.
Recent technology News
Check in for the highlights, headlines, and hijinks that matter to manufacturing. These lean news items keep you updated on the latest developments.
Challenges faced by manufacturers. No more greasing ball bearings??? In-field inspection. Making additive more better. Automating customers.
Lean leadership. Manufacturing: there’s an app for that. Reshoring is real. Shrinkflation fit tooling. What do you call a hedgehog with ADHD.
Chinese hi-fi showed a strong performance-per-dollar-value prop in the sector of in-ear monitors (IEMs). IEMs are like fancy earbuds, but they work like sound-isolating earplugs with extreme definition sound reproduction.
Martian gears. Increase profits by sustainable manufacturing. Don’t forget your identity. Artificial intelligence and quality. Value of a production lab.
Similar News
By Catherine “Cat” Ross | Nov 14, 2022

An all-female team of mechatronics apprentices took first place in a live, cyber-physical learning environment at the IMTS 2022 Smartforce Student Summit.

6 min
By Gary Vasilash | Nov 30, 2022

If this were a movie, you might want to head for the exit. But sticking around – which may not be easy – can be rewarding.

10 min
By Stephen LaMarca | Nov 25, 2022

If you manufacture it, Gen Z will come. Two-photon lithography. SI units have officially been expanded. Is the infinite cloud just smog? Coming up: engineering workforce webinar.

5 min