Securing Manufacturing Systems


The Colonial Pipeline incident shows us why ransomware is so devastating for manufacturing companies. Despite recent news that the pipeline has resumed normal operations, there is little doubt that the cost to both the business and its consumers has been tremendous. The ransomware attack left millions of consumers faced with gas shortages. Further complicating gas delivery was a shortage of truck drivers, many of whom were laid off during the Covid-19 pandemic.

Colonial Pipeline is a case study on why and how it is crucial to lock down and secure manufacturing, controls, and automation environments. At the heart of the issue is the technology used to build the operational technology (OT) and the way these networks are designed. Most manufacturing environments face the same dilemma: million-dollar machine tools (packaging and palletizing robots, CNC routers, press brakes, welding robots, etc.) are controlled by proprietary PC configurations.

While one expects a 5-million-dollar machine tool to last decades, PCs are built to last 3 years. As time passes, these PCs, built and deployed years ago, are left without any effective cyber-security. Further complicating this issue, many of these same systems are connected to the internet for remote support, or so staff can control them from other locations.

While it may be surprising, most of these systems have no backup and restore capability. The software used to back up older technology is also obsolete, and replacement parts are not available. Thus, when a ransomware attack happens, your tools and controls will go down with no way to get them running again short of completely replacing the PC configurations.

Steps to take:

  1. Contact your machine tool, automation, and industrial control vendors and ask them for replacement systems you can have on hand.
  2. If the vendor insists they have a backup system that works, require them to state how long it will take, and then test it.
  3. Have your IT people create an ‘air-gapped’ separate network to ensure these older PCs are not connected to the internet.
  4. Cancel and remove any remote connections to vendors. They will need to come on-site to do their work.
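
One way to verify steps 3 and 4 on a legacy control PC, as an added example that is not part of the original article: the script reads saved `netstat -ano` output and flags connections to addresses outside the plant and listeners on remote-access ports. The internal address ranges, the port list and the sample rows are assumptions constructed for illustration.

```python
import ipaddress

# Address ranges treated as "inside the plant" (assumption: RFC 1918,
# loopback and link-local; adjust to the site's own addressing plan).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10")]

# Listening ports commonly used for remote access (assumed list).
REMOTE_ACCESS_PORTS = {22: "SSH", 3389: "RDP", 5900: "VNC", 5938: "TeamViewer"}

# Constructed sample in the shape of Windows `netstat -ano` output.
# 203.0.113.45 is a documentation address standing in for an Internet host.
SAMPLE = """\
  TCP    192.168.10.21:49712    203.0.113.45:443      ESTABLISHED     1180
  TCP    0.0.0.0:3389           0.0.0.0:0             LISTENING       984
  TCP    192.168.10.21:502      192.168.10.5:51200    ESTABLISHED     2240
  TCP    0.0.0.0:5900           0.0.0.0:0             LISTENING       1432
  TCP    0.0.0.0:135            0.0.0.0:0             LISTENING       820
"""

def split_endpoint(endpoint):
    """Split 'ip:port' or '[ipv6]:port' into (ip_address, port)."""
    host, port = endpoint.rsplit(":", 1)
    return ipaddress.ip_address(host.strip("[]")), int(port)

def audit(netstat_text):
    """Return findings that contradict an isolated, no-remote-access setup."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # skip headers, UDP rows and blank lines
        (_, lport), (raddr, rport) = map(split_endpoint, fields[1:3])
        state, pid = fields[3], fields[4]
        if state == "LISTENING" and lport in REMOTE_ACCESS_PORTS:
            findings.append(("remote-access-listener",
                             f"{REMOTE_ACCESS_PORTS[lport]} on port {lport}", pid))
        elif state == "ESTABLISHED" and not any(raddr in n for n in INTERNAL_NETS):
            findings.append(("external-connection", f"{raddr}:{rport}", pid))
    return findings

if __name__ == "__main__":
    for kind, detail, pid in audit(SAMPLE):
        print(f"{kind:24} {detail:22} pid={pid}")
```

An empty result only shows what was connected at capture time, so repeat the capture during a vendor support window and after reboots.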