At a time when Factories 4.0 are revolutionizing our industries, the security of industrial information systems has become a significant concern. While the interconnection between information technologies and industrial systems offers unprecedented opportunities, it also requires constant vigilance in the face of cyber threats. Here’s why.
The evolution of industrial information systems means compromised security
The development of industrial information systems has led to their extensive computerization and interconnection with the Internet and conventional information systems. Industrial IT has also been revolutionized by the emergence of Industry 4.0 and the increasing data exchange between devices.
Today’s industrial systems are made up of physical equipment within the plant, driven by control systems, and linked to information systems for data analysis. Industry 4.0, therefore, relies on the rise of the Industrial Internet of Things (IIoT), which brings together a wide range of applications for monitoring plant status. This close interconnection of all parts of the plant has led to an unprecedented increase in the use of connected devices: robotics, AGVs (Automated Guided Vehicles), AMRs (Autonomous Mobile Robots), augmented reality software, sensors and connected objects, the cloud.
While these technological advances make industrial production more efficient, they expose industrial systems to the same threats as traditional information systems and even more significant vulnerabilities. Interconnected industrial I.T. networks create multiple potential entry points, often still wide open to cyber attackers.
For example, the growing complexity of Factory 4.0, with its layered technological architecture, including cloud, 5G, and numerous software applications, requires particular attention to cybersecurity.
Industrial information systems security: the state of play
The latest data from France’s Direction Générale des Entreprises (DGE) are unequivocal: threats on the industrial DNA have never been greater. A trend confirmed by the Kaspersky ICS Security Survey (2022) reveals that 91% of industrial organizations encountered at least one security problem in their IoT environment in 2021.
There is plenty of examples to illustrate these figures. Numerous industrial companies in all sectors have been attacked in recent years, sustaining considerable damage.
|2017||Saint-Gobain||Materials production and distribution||Ransomware NotPetya||Production halt, loss of sales, restoration costsCost of the incident was estimated at 250 million euros|
|2017||Merck||Pharmaceutical industry||Ransomware NotPetya||Production halt, loss of sales, restoration costsThe cost of the incident was estimated at $670 million|
|2021||Pierre Fabre Group||Pharmaceutical and dermo-cosmetic industry||Ransomware||The plant shutdown for 4 weeks, warehouses closed for 2 weeks, and collaborative tools and the website were unavailable|
|2021||Town of Oldsmar, Florida||Water treatment plant||Control via TeamViewer||Change in sodium hydroxide content in water (10-fold increase)Attack foiled in time by a company employee, preventing the poisoning of the city’s water supply network|
|2022||Knauf||Building and construction materials||Ransomware Black Basta||IT system’ shutdown, disruption of all production sites worldwide, 20% of the files stolen by the attackers were leaked|
|2022||Toyota||Automotive industry||Supply chain attack||One-third of the world’s production is at a standstill|
Industrial information systems security: what are the threats?
A look at some of the most significant cyberattacks of recent years shows that manufacturers from all walks of life have fallen prey to cyberattackers, generating hundreds of millions of dollars in damage.
Ransomware, phishing, malware, supply chain attacks, denial-of-service attacks… Many types of cyberattacks involve various threats: sabotage, extortion, industrial espionage, intellectual property theft, data disclosure…
The consequences of a cyberattack targeting an industrial site can be disastrous for a company, regardless of its size. Among the repercussions of a cyberattack, the main ones are higher operating costs, destruction of computer equipment, leakage of private data, slowdown of activity, plant paralysis, and even impact on the company’s share price, if applicable. Therefore, the challenges of protecting industrial information systems are of strategic importance.
Protecting industrial information systems: what’s at stake?
A cyberattack affecting a company’s IT environment can cause a great deal of damage:
To limit the risks, regulations are getting tougher and forcing organizations to protect themselves better: the NIS2 directive, Cybersecurity Act, GDPR… If a cyberattack reveals a company’s failure to comply with its regulatory obligations, it risks legal proceedings and criminal penalties amounting to several thousand euros.
The financial repercussions of a cyberattack can be considerable. First of all, the attack can temporarily interrupt the company’s industrial activities, resulting in a loss of revenue. Moreover, repairing the damage caused by the attack often requires intensive and costly technical work. On average, 7% of companies hit by an IT attack report a shortfall in annual sales (CESIN, 2022).
In the event of a cyberattack, although the company may be the victim, it is often considered partly to blame for the lack of adequate security. A cyberattack can damage brand image and trust, with customers turning to competitors.
Data theft, industrial espionage, theft of intellectual property… Specific cyber threats can represent a goldmine for the company’s competitors under attack, thanks to disclosing confidential industrial information.
Some cyberattacks can be directed against industries of strategic importance to governments, such as arms, aerospace, pharmaceuticals, etc. These cutting-edge industries rely on sensitive data, which, if exploited, can have disastrous geopolitical consequences.
Some cyberattacks – such as the Oldsmar water treatment plant takeover – can affect a population’s health. This type of event demonstrates that the consequences of a cyberattack can go beyond business issues and represent a direct threat to the health of the local population.
Finally, some cyberattacks can have harmful consequences for the environment, with long-term repercussions. Taking control of power plants, chemical plants, or waste management centers could release toxic substances into the environment, causing severe environmental pollution.
Protecting industrial information systems: a vital necessity
Although cybersecurity awareness for industrial systems is growing, it is still not widely integrated. Some manufacturers still think they’re safe from cyberattacks or well protected… when few are.
To cope with the growth in cyber threats, it is therefore essential to put in place robust protection measures to prevent attacks, ensure data confidentiality, protect critical infrastructures, and guarantee the continuity of industrial operations. Collaboration between cybersecurity experts, industry professionals, and decision-makers is essential to meet these challenges and address emerging threats to industrial information systems.
One of the first steps in achieving this is to identify vulnerabilities in the information system and then deploy the appropriate remediation measures. There are several ways to do this, such as:
- Pentest as a Service: a security audit launched in less than a week for a flat fee. Uncover most of the vulnerabilities in a product and assess its security level at a given point in time, or schedule several pentests throughout your development life cycle as part of a DevSecOps approach.
- Bug bounty: a hunt for in-depth vulnerabilities with the elite hackers of the Yogosha Strike Force. Identify the most critical vulnerabilities on a pay-per-result basis. No vulnerabilities = no expenses, you only reward exploitable results.
As a cybersecurity specialist, Yogosha helps manufacturers protect their information systems – as an example, here’s how we helped Teréga, a major player in gas and energy transport in Europe. Thanks to a dedicated platform and hand-picked security researchers, we can help you identify and correct vulnerabilities in your information systems through Pentest and Bug Bounty operations.
With Yogosha, choose the security solution best suited to your industrial assets according to your cyber maturity, objectives, and budget.