Cyber security has been top of the agenda for many businesses following the global Wanna Decryptor (WannaCry) ransomeware attack that grabbed headlines in May, 2017. The latest in a line of high profile attacks, WannaCry saw over 45,000 attacks recorded in almost 100 countries, including the UK, US, India and China.
Robert Glass, global food and beverage communications manager at ABB, offers advice on how to ensure your manufacturing process is kept secure.
As food manufacturing plants become more connected through the Industrial Internt of Things (IIoT), the threat of cyber-attacks and how much damage they can do, has increased.
IIoT is creating many exciting opportunities for the manufacturing industry; however, the increased use of connected devices and systems has also resulted in a rise in cyber-attacks. For many, the phrase cyber-attack conjures an image of email hacking and stolen bank details, but it can have a significant impact on plant processes and production if systems are not protected correctly. While it can be difficult to prevent a cyber-attack from happening, there are a number of precautions manufacturers can take to minimize risk and protect themselves.
Identifying the gapsResearch conducted by the UK government found that while one in four large firms experience a breach in cyber-security at least once a month, only half have taken any action to address vulnerabilities. Furthermore, only one third of the firms surveyed had any form of cyber security policy at all.
The first step in securing your plant’s system is to quickly identify the devices and software that are most vulnerable. To do this, plant managers should appoint an individual or team, dependent on the size of the facility, that takes responsibility for cyber security. Once appointed, they should conduct an in-depth security assessment and establish a program of regular monitoring to identify weaknesses and the actions that need to be taken to improve security.
Many plants now operate a bring your own device (BYOD) policy, allowing employees to access systems, software and networks through their own devices. The concept brings with it many benefits, including increased productivity and reduced IT costs. However, it is important that there is a security policy in place to ensure breaches do not occur.
The biggest cause of breaches is the lack of a functional firewall and up-to-date firmware across a business. Firewalls are often the first line of defense against a cyber-attack, protecting the perimeter of a network. Users must ensure that their devices have the latest software updates, as they often include security patches to protect against new cyber threats. Cyber attacks are constantly evolving to get around security protocols, so it is vital that the software on any device accessing the network is up-to-date. Connecting to unsecure Wi-Fi and Bluetooth networks can also pose a danger. Security managers should ensure users always connect to secure networks that are password protected.
Standards and policiesThe digital landscape is constantly evolving and, as such, the standards and policies that business put in place to protect themselves should also adapt. There is no single solution to protect all businesses, so it is important to seek the advice of organisations, such as ABB, to create a company-wide policy that can detect, deter and prevent the threat of a cyber attack. In additon to a company’s IT network with traditional laptops, many food and beverage manfuacturers also maintain a connected automation network. This network controls a manufacturing plants production; from simple control like mixing bagel dough to more potentially dangerous processes like decanting oils (where high kenetic speeds can pose safey hazards). Recipies are managed on these systmes, and companies have a large financial interest in also protecting their automation networks from cyber attacks.
Software, like the ABB Ability™ System 800xA, provides bespoke cyber-security solutions across an entire system life cycle, with multiple layers of security controls that are continually updated.
Even with a robust security system in place, it is vital that manufacturers keep an off-site back-up to ensure data is protected in the event of cyber attack. Keeping this back-up off-the-grid will ensure a much smoother recovery process of critical data. While awareness of cyber-attacks has risen since May, businesses must now move to take action and ensure their systems are adequately protected. The WannaCry ransomeware attack has proven that all businesses are vulnerable, no matter their size and that no one can take cyber security for granted.