Manufacturing equipment cyber attacks

Why is manufacturing equipment particularly vulnerable to cyber attacks?

The CISA (Cyber Security & Infrastructure Security Agency) issued an ICS Alert November 17th, calling out a particular vulnerability in critical manufacturing equipment.  Industrial Control Systems (ICS) are a too-often overlooked cyber security vulnerability in manufacturing.  You can see the alert here for the technical details.

Our immediate interest is in highlighting the broad-based tendency for increased security vulnerability in manufacturing equipment.  For those industries directly involved in critical infrastructure, cyber security is a given.  However, the vulnerability spans much wider than critical infrastructure, such as power plants or transportation.  Common manufacturing equipment, such a CNC machines, are increasingly targets of cyber attacks.  That’s because they are unusually vulnerable. 

Manufacturing equipment often has a lifespan significantly longer than the underlying computing equipment that controls it.  We hear too often about manufacturing equipment running on outdated Windows XP computers.  And therein lies the problem.  Old operating systems are not updated (patched) to keep pace with current cyber threats.  This could be due to expensive software licenses tied to the manufacturing equipment, or simple oversight of this vulnerability.  This, coupled with the tendency to connect everything to the network and/or Internet creates the unique vulnerability for manufacturers.

What does this mean for manufacturers and their IT partners? 

You and your IT team (internal or your Managed Service Provider (MSP)) need to pay particular attention to these vulnerabilities.  If your operating systems are outdated, or other hardware has vulnerabilities, this can not only be a threat to the availability of the manufacturing equipment (denial of service attacks), but can also expose a path into your broader network and associated data. 

Ideally, your manufacturing equipment is patched and updated on a similar cadence as your computing equipment.  However, if you can’t achieve that for expense or other reasons, you can plan other remediation, such as isolating the equipment from the network and particularly from the Internet. 

For more information on manufacturing vulnerabilities, including evolving CMMC requirements, we invite you to reach out for a discussion.  Contact us here.