Cyberthreats Affect More Than Your Network

By Lee Lane, chief product security officer, Rockwell Automation

Safety and security have traditionally been viewed as separate entities, but in industrial production, your safety and security programs are inextricably linked.

Attackers often go after safety systems, because safety systems detect faults, alert operators and automatically intervene. By disrupting safety systems, security breaches can force a standard control system to operate beyond its safety parameters, damage equipment and the environment, or even place employees and the general public in unsafe situations.

Therefore, you must address how cybersecurity threats affect your safety strategy. Real-time production intelligence is the key.

When discussing digital manufacturing and the IIoT, focus on the inherent safety implications of common security risks. The IIoT is the convergence of enterprise-level IT and plant-level operations technology (OT) systems to help companies access production, quality, safety and other data. The Connected Enterprise® connects people, processes and things into a common network infrastructure and harnesses the power of enabling technologies, from data and analytics software to smart devices that make up the IIoT.

What does The Connected Enterprise® mean for manufacturers? It means using production intelligence for measuring and improving nearly every aspect of their operations, including quality, productivity, uptime and overall equipment effectiveness (OEE). It means enterprise-wide connectivity for instantaneous information sharing and seamless collaboration across an organization. It means remote monitoring of critical local and remote production assets.

The Connected Enterprise® offers accessibility to device and operational status, motion monitoring, error and stoppage codes, and other secured safety-system data. With the ability to capture and analyze massive amounts of operational data accurately and thoroughly, safety personnel who have a real-time understanding of worker behaviors, machinery compliance and system details can move from merely describing what went wrong to predicting and preventing incidents.

The Connected Enterprise® helps industrial automation professionals gain a better understanding of risks and transform company-wide operations with safety and security in mind — enhancing safety and security in all aspects.

To mitigate security risks, many of our users are tapping IIoT technology to remotely access production machinery, allow wireless access to pumping stations, or connect plant-floor equipment to the IT infrastructure. This Connected Enterprise is the future — how they can realize improved asset utilization, faster time to market and lower total cost of ownership.

Opportunity Brings Risk

But for all the opportunities The Connected Enterprise® brings, there are also risks. More connection points can create more entrance points for security threats, which can be physical or digital, internal or external, and malicious or unintentional. And they can pose a danger in many ways, including intellectual property loss, disrupted operations and compromised product quality. Safety is perhaps the least discussed implication of security threats.

Therefore, you need to start thinking of safety and security in relation to each other. To do this, consider the “three Cs of safety,” which is a set of practices that best-in-class manufacturers share:

• Culture (Behavioral): Employee and company behaviors — including values, priorities, attitudes, incentives and beliefs — that help define how well a company embraces safety. In addition to protecting intellectual property, processes and physical assets, security personnel should make protecting safety systems a core value in everything they do. Greater collaboration between Environment, Health & Safety (EHS), operations and IT teams also is more important.
• Compliance (Procedural): Policies and procedures that help a company achieve compliance with appropriate safety standards. Compliance efforts should meet the security requirements in safety standards, such as IEC 61508 and 61511. Conversely, security efforts should follow a defense-in-depth (DiD) approach, which is recommended in the IEC 62443 (“Security for Industrial Automation and Control Systems”) standard series.
• Capital (Technical): Contemporary safety technologies and techniques that help optimize both safety and productivity. Use safety technologies with built-in security features, and security technologies that both help protect against safety-system breaches and support speedy recoveries should a breach occur.

Dangerous Breaches Already Happening

Security breaches and vulnerabilities resulting in safety risks aren’t just theoretical. They’re a reality:

• An oil pipeline was hacked in Turkey, causing an explosion and 30,000 barrels of spilled oil. The cyber attackers negated the existing safety system to shut down alarms, cut off communications and super-pressurize crude oil in the line.
• A regional water supplier experienced a cybersecurity breach that not only compromised customer data, but caused unexplained valve and duct movements, including manipulation of programmable logic controllers (PLCs) that “managed the amount of chemicals used to treat the water to make it safe to drink.”
• A cyberattack on a German steel mill resulted in parts of the plant failing and a blast furnace that couldn’t be shut down through normal methods. The plant suffered “massive damage.”
• The U.S. Food and Drug Administration (FDA) put out an alert to medical device manufacturers and health care facilities about certain medical devices being vulnerable to security breaches. One of the vulnerabilities cited was the potential for the devices to be infected or even disabled by malware.

As you can see, breached machine- and process-safety systems can create cascading safety consequences. Compromised safety systems that don’t stop machines when they reach a dangerous state or when a safety device is triggered can expose workers to the very threat from which they were supposed to be protected.

Additionally, safety systems that aren’t able to stop production beyond certain operating conditions can expose other employees or an entire plant to risks, such as fires, chemical leaks or explosions.

Key Risk Types

Security risks can take many forms, including:

• Employee Errors. One of the most common security risks comes from innocent mistakes. This could include employees or contractors who unwittingly make a network misconnection, download the wrong program to a controller, or plug an infected device into the system.
• Disgruntled Employees. Current or former employees familiar with an organization’s control system and industrial network can present security and safety threats. A prime example involved a worker in Australia who broke into a sewage-equipment control system installed by his former employer and caused 800,000 liters of raw sewage to spill into local parks and rivers.
• Hackers Seeking Political or Financial Gain. A manufacturer’s intellectual property can be a lucrative target for hackers. They might want to disrupt an industrial operation for financial, competitive or political reasons.
• Corporate Espionage. State-sponsored espionage targeting high-value infrastructure and production assets is a constant threat. U.S. Department of Justice officials have said that thousands of companies have been targeted and that such activities represent a “serious threat” to national security.
• Cyberterrorism. Malicious acts could seek to disrupt, infect or cripple critical infrastructure. Potential targets include nuclear plants, water supplies and oil refineries. One such alleged attack involved hackers attempting to seize control of a small dam in New York. The attack failed because the dam was off-line for maintenance.

Production Intelligence

The concept of digital transformation is bringing production intelligence to industrial firms for measuring and improving nearly every aspect of their operations. For these opportunities, more connection points can create more entrance points for security threats. You must account for and address how these threats impact the safety of your people, your infrastructure and the environment around your operations.

By integrating safety and security programs, aligning with industry best practices and following key steps, you can assess, manage and mitigate the safety implications of security risks in a Connected Enterprise.

Learn about Rockwell Automation Industrial Security.