Industry 4.0, also known as the fourth industrial revolution, which we have recently become part of, is increasingly under threat, mainly due to cyber attacks. These attacks target industrial control systems and thus threaten the entire operation of a company (production of products or provision of services). It is becoming increasingly important to focus on cyber security in the industrial sector as well.
Industry 4.0 is bringing major changes to industry and, by introducing individual principles, is changing the overall shape of industry as we know it. The essence is to introduce and implement completely new information technologies and digitize processes, products, services, and equipment. The result of overall digitization should be the so-called Smart Factory, where people, machines, equipment, logistics systems, and products can communicate and cooperate directly with each other. Everyone will be connected to a single network where they will be able to share all information with each other, thus reducing the time needed for data transfer and decision-making. The introduction of such systems will streamline the functioning of society, reduce costs and save resources. However, with all the positives come great risks, namely cyber attacks. These threaten not only information systems, but also industrial control systems, on which the manufacturing process and the digitization of industry depend.
The most famous case is from Iran, which illustrates very well how neglecting security in industrial control systems can cause a major problem not only for an organization but also for humanity. A computer worm known as STUXNET was used in this attack. It was a type of malware (i.e., malicious software) that used an infected data carrier to gain access to the isolated network of an Iranian nuclear facility. This malware posed a real risk because it spread uncontrollably and could not be detected by the systems. It was able to mask itself and thus "look" like a normal part of the operating system. It managed to change settings within the systems, leading to physical damage and material losses. At the same time, it slowed down the Iranian nuclear program.
Another case of cyberattack is the attack on a Ukrainian power plant in 2015. Hackers managed to paralyze the country's distribution network information system, leaving more than 200,000 households completely without electricity.
There are more and more similar cases, threatening not only businesses but also the functioning of entire countries. How prepared is Slovakia for similar attacks?
The National Security Authority publishes a comprehensive report on the state of cyber security in Slovakia every year. The most recent figures are for 2022. Based on this data, Slovakia was mainly threatened by social engineering, which includes phishing attacks via SMS messages, emails, and phone calls. It was in this area that a large number of phishing SMS messages from Slovenská pošta (Slovak Post) occurred. The attacker's aim was to trick the victim into opening a link contained in the message, which contained a virus. The message usually contained information about problems with parcel delivery. However, phishing attacks also took place via email messages. Other types of cyber attacks in Slovakia included DDOS attacks and the spread of malicious code, i.e. malware. Attackers often attempted to penetrate the system and obtain data they were interested in. In many industries, we encounter the problem of password usage policies. Passwords are often not updated regularly, or the same password is used for years.
Based on audits carried out in various industries, the NSA has identified the following problems in particular:
- inadequate cyber security (CS) strategy,
- cyber manager is only a formal role,
- serious deficiencies in asset, threat and risk management,
- contracts with suppliers do not contain provisions on CS,
- lack of training in information security and data protection,
- operational records are not kept,
- no formally defined process for resolving and reporting security incidents,
- no backup plans or backup requirements,
- no testing of emergency plans and continuity plans.
The NSA report provides an individual overview of individual sectors and their cybersecurity status. If you are interested in more information about Slovakia's results, you can find it here: Report on Cybersecurity in the Slovak Republic in 2022.
Looking more closely at the industry itself, the biggest weakness is control systems, whose main task is to manage production. The architecture and software in these systems are often very outdated and represent the biggest weakness. Until recently, these systems were only part of a very small internal network within the company. Today, however, they are connected to large networks and are accessible to a much larger number of people. In most cases, this is seen as an advantage. Management has become more efficient, and information availability and control have been accelerated, but this has also opened up opportunities for cyber threats. Many of these industrial control systems (e.g., production lines) run on outdated operating systems and do not even use basic encryption. Since updating such systems is not considered a necessity (as the line continues to operate without problems), they become relatively easy targets for hackers.
Cyber attacks are constantly improving and becoming more difficult to defend against. That is why we offer several ways to prevent them.
UPDATES – systems must be kept up to date to prevent known vulnerabilities from being exploited. It is also essential to update company policies, monitor trends, and adapt company processes accordingly.
TRAINING – It is essential to train employees in cyber security, how to respond in the event of an attack, how to recognize phishing emails, and much more.
ACTIVE PROTECTION – It is important to have an antivirus program that will protect your systems.
BACKUP – although data backup does not prevent cyber attacks, it can minimize damage and ensure the smooth continuation of company processes.
PLANNING – every company should anticipate the possibility of a cyber attack and prepare accordingly, developing a plan and procedures for each step in the event of a cyber attack.
CHANGE OF MINDSET – It is essential to realize that a cyber attack can affect anyone and that it is necessary to be prepared and follow rules (such as two-factor authentication, network segmentation, and others) that will help us avoid attacks.
Recent years have seen a major shift in technologies specifically designed for industry that can prevent cyber attacks. Of particular interest is the development of a system that focuses on detecting unwanted access to the system, which in the future could ensure smooth operation despite the threat of attacks.
We strongly recommend being prepared for potential threats that could negatively impact the functioning of your company. Don't rest on your laurels, assuming that your production line is functioning and producing, and therefore you have no reason to address its security. The current situation and forecasts show the risks that digitization brings. It is important to prepare for them properly in order to eliminate the negative and highlight the positive that modern technologies can bring to industry.
SOURCES:
Report on cyber security in the Slovak Republic in 2022
