Skip to main content
Marsh logo

Article

Mitigating cyber risks in industrial control systems

Manufacturers are intensifying their cyber risk footprint as automation and connectivity grows in production lines.

Engineer check and control welding robotics automatic arms machine in intelligent factory with monitoring system software. Digital manufacturing operation. Industry. Generative AI
Person's name and title

By Jano Bermudes

Head of Cyber Risk Consulting, UK & Ireland

12/04/2023 · 5-minute read

Manufacturers are intensifying their cyber risk footprint as automation and connectivity grows in production lines.

Automation systems or industrial control systems (ICS), are becoming increasingly more important amongst manufacturers seeking improvement in production output or throughput. ICS can provide heightened product quality through consistency of manufacturing or increased efficiency. Cost savings can also be achieved through minimising energy usage, decreasing manufacturing carbon footprints, and minimising labour requirements.  

ICS systems are rapidly becoming more interconnected with the external worldwide web; use of various control systems and control devices are strengthening this trend.  Algorithms, device communication, and inter-connectivity sophistication throughout the network has improved between manufacturing machinery and soft logic control. However, the increased connectivity transforms risk profile for ICS systems that had generally only been installed on standalone machines or connected only within single factory floors.

Increasing use of technology brings changes to the risk environment

ICS systems are not invulnerable to cybersecurity risks. The following examples demonstrate the operational disruption and severe impact cyber-attacks can cause:  

  • A Japanese automotive factory in was forced to shut down due to the ‘WannaCry’ ransomware virus. The production of 1,000 units was subsequently disrupted.[1]
  • Predatory Sparrow, a hacking group, claimed responsibility for an attack that started a fire in an Iranian metals’ product plant. The fire caused molten metal to spray across the steel factory floor from a compromised machine.[2]
  • A vulnerability in a company’s firmware utilised in a customer’s industrial manufacturing plant allowed hackers to introduce malware into the plant due to flaws in its security procedures that gave access to some of its stations, as well as its safety control network.  The hackers had apparently intended to manipulate the layers of built-in emergency shutdown protocols to keep the system running while they bored deeper into the system and gained more control. [3]

Other IT, or non-ICS, cybersecurity incidents that triggered business disruption further exposes the potential vulnerabilities between dependent IT and ICS environments. Production facilities, such as aluminium producers[4] or an oil pipeline[5], have been victims to recent ransomware attacks. Furthermore, the WannaCry ransomware variant, that forced shutdown of a semiconductor’s chip-fabrication factories[6], displays the havoc cyber-attacks can wreak on major global technology companies. This, pertinent example, could be a catalyst for manufacturers to consider their supply chain dependencies.

Potential areas of risk for ICS systems

  • Access management
    • Insecure passwords
    • Integrating legacy systems or standalone control systems into the wider network, exposing their inherent lack of security protocols
    • Management control and monitoring of vendors and all third parties access to parts of the ICS system
    • Connectivity to wider organisational systems such as financial, procurement, maintenance, asset management and other corporate systems. Poor firewalls and network segregation give potential for third party access to ICS networks via IT systems
    • Connectivity of the ICS system and IoT equipment to the wider internet exposing potential vulnerabilities
  • System updates
    • Irregular software updates and patch management to minimise production disruption
  • Communication – messaging / transmission
    • Non-encrypted communication
    • No device authentication (i.e. connecting an IoT device to networks without authorisation or authentication)

Risk considerations, controls, and mitigations

Manufacturing organisations should consider the following when constructing ICS systems:

  • Review current security architecture to identify gaps.  Where possible, upgrade systems to more secure versions and standards.
  • Update passwords and consider changing factory-set usernames and passwords. Enforcing strong password security practices is crucial, such as, mandatory complex, 14 character plus passwords or password vaults.
  • Consider limiting the amount of privileged accounts (including third party, vendor management and access). Enabling use of multi-factor authentication (MFA) for network access is also a positive step.
  • Identify the ICS network connectivity into non-ICS networks and domains such as corporate systems and the external web.  Review whether connection is required, and if so, ensure security such as: firewalls, network segregation, transmission encryption, and access management is installed.
  • Implement – where possible - network monitoring, event logging, alerting, and automated response solutions.
  • Before implementation, review the potential cyber security gaps or flaws of emerging and new technology. Network architectures and communications protocols are good examples of this, as well as, ensuring that security controls have been independently reviewed and tested.
  • Identify key supplier dependencies and assess their cyber risk profiles.  The organisation could implement mitigation and contingency plans in the event of supplier failure, as well as, requesting suppliers improve their own cybersecurity posture.
  • Identify key customers in order to implement mitigation and contingency plans that limit liability and reputational damage, to both the organisation and its customers, in event of cyber-attack.
  • Cybersecurity training and awareness. Employees are often the first line of defence. Providing staff with regular training and awareness programmes to identify, report, and take necessary precautions to protect against cyber-attacks.
  • Ensure incident response plans are established with personnel sufficiently trained for all operations. Plans should be reviewed, tested, and simulated on a minimum annual basis.

The rapidly shifting technology environment - coupled with increasing sophistication and connectivity of industrial control systems - requires manufacturers to consult with their advisers to ensure cybersecurity risk controls have been established.  Current architecture should also be analysed. Potential risks must be mitigated and viable, progressive roadmaps should be formed. It is imperative best practice is in place to reduce any impact from a cyber event.

Thank you to Chris Beh for contributing towards the content. If you have any questions please contact us

References:

[1] Cyber Attack At Honda Stops Production After WannaCry Worm Strikes

[2] Predatory Sparrow: Who are the hackers who say they started a fire in Iran?

[3] Menacing Malware Shows the Dangers of Industrial System Sabotage

[4] Hackers hit Norsk Hydro with ransomware. The company responded with transparency

[5] Colonial Pipeline boss confirms $4.4m ransom payment

[6] TSMC Chip Maker Blames WannaCry Malware for Production Halt

Related insights

Robotic assembly line in an automotive factory

Article

Becoming recall ready in the evolving automotive landscape

07/09/2023
Speeding car in tunnel

Event

Marsh McLennan Automotive Summit

19/04/2023
Chassis of the electric car with powertrain and power connections closeup. Blue toned. EV car drivetrain at maintenance

Article

Electric vehicles and Li-ion batteries: risk management considerations

23/08/2022
Modern High Tech Authentic Robot Arm Holding Chip

Article

The Growing Use of Automation in Manufacturing

04/11/2021
View more