IT in Manufacturing


Mitigate industrial network vulnerabilities

July 2021 IT in Manufacturing

Since industrial networks are primarily built and expanded to address growing business demands, it may be easy for administrators to overlook common system vulnerabilities. For example, when adding a device to a newly built or expanded network, do you know which industrial Ethernet switches have unlocked ports? Or, do you simply connect new devices without a second thought?

It must not be forgotten that ignoring common system vulnerabilities in today’s world could put your entire network at risk.

Stage 1 vulnerabilities: exploration and infiltration

Recall the last time you logged onto your network. How complex was your password? Although weak passwords may be easier for busy administrators to remember, they are also easier for malicious actors to crack through a brute force attack. By scanning your network, hackers can identify open ports and infiltrate your network just like a burglar entering through an unlocked gate.

How to mitigate

One of the simplest ways to enhance your network security is to ensure that users create a sufficiently complex password to reduce the likelihood of an attacker guessing your credentials by brute force. For additional security, you should also consider a login failure lockout mechanism that limits the number of unsuccessful login attempts, which may indicate a brute-force attack. To protect your network from port scanning, you can create a whitelist of ports that are accessible through your firewall and also disable WAN pinging.

Stage 2 vulnerabilities: utilisation and network control

During the second stage of a cyberattack, the malicious actor has already infiltrated the network and is using resources on the network for their own purposes. Even though they are not actively wreaking havoc on the network, they are secretly gathering information and laying the groundwork for a more harmful attack.

How to mitigate

To limit the attacker’s ability to move throughout your network and commandeer your devices, we recommend network segmentation and traffic control. For example, you should partition your network into smaller segments and control the communications that pass through these segments. In addition, deploying whitelist control to prevent command injection can also limit the severity of the security breach.

Stage 3 vulnerabilities: services and data disruption

Stealing or destroying critical business data from networks will be costly and harmful to any organisation. However, these malicious actions are far from the worst-case scenario of a successful cyberattack. During the last stage of a cyberattack, the hacker is no longer studying networks but actively causing damage.

During stage 3 of a cyberattack, the hacker could make a machine or network resources unavailable to authorised users by temporarily or indefinitely disrupting services on a host. This is typically called a Denial of Service (DoS) attack, which involves flooding a targeted machine in an attempt to overload it with pings. Furthermore, a hacker could unleash malware, including ransomware to deny you access to your network resources until a ransom is paid.

How to mitigate

Although damage has already been done by the time the cyberattack reaches stage 3, you can still mitigate the overall harm to your network by ensuring sufficient DoS or DDoS (distributed DoS attacks that involve multiple systems) protection and deploying industrial IPS (intrusion protection system) for ransomware and other malware. You should also maintain reliable system backups and blacklist unauthorised protocols to minimise data loss.


Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The most common cyber threats in the industrial environment
Rockwell Automation IT in Manufacturing
Rockwell Automation’s cybersecurity portfolio strategic growth leader delves into this topic in a recent blog post.

Read more...
Deploying IT into the factory floor environment
Omniflex Remote Monitoring Specialists IT in Manufacturing
The ongoing debate on whether OT and IT should be integrated has never been more intense. Closing the gap between the two has many benefits, not least of which are efficiency and profitability managed in near real time.

Read more...
PACTware further refines user interface
VEGA Controls SA IT in Manufacturing
Optimising a user interface for multiple sensor equipment manufacturers is possible in such a way that industrial users can use it similarly to everyday smart devices.

Read more...
EPLAN Marketplace networks users and service providers
EPLAN Software & Services IT in Manufacturing
The free online platform is divided into engineering services, module manufacturing services and general consulting sectors.

Read more...
Condition monitoring software gets asset health boost
Emerson Automation Solutions IT in Manufacturing
The newest version of Emerson’s AMS Machine Works adds support for embedded, automatic analytics at the edge using patented PeakVue technology.

Read more...
A robust cybersecurity strategy is critical
ABB South Africa IT in Manufacturing
Understanding and managing the risks associated with a cyberattack can seem a daunting prospect in the face of keeping a plant up and running.

Read more...
Is your manufacturing plant ready for IoT?
Editor's Choice Fieldbus & Industrial Networking IT in Manufacturing
Pockets of IoT exist in manufacturing plants today; the challenge is to fully digitalise the entire plant.

Read more...
Extend the life of your legacy devices
RJ Connect Fieldbus & Industrial Networking
If your serial-based machines or devices have been running for decades and helped your business grow, you might worry about how long you can still hold on to these assets. In this article, we highlight three major challenges you will face when enabling serial connectivity between your legacy devices and modern systems. We also provide expert tips to make your upgrade easy.

Read more...
Revolutionising space exploration
Siemens South Africa IT in Manufacturing
Sierra Space, a commercial space company at the forefront of creating and building the future of space transportation for low earth orbit commercialisation, has implemented the Siemens Xcelerator portfolio of software and services as the foundation of its next-generation digital engineering program.

Read more...
Impact of innovative technologies on the mining industry
Parker Hannifin - Sales Company South Africa Editor's Choice IT in Manufacturing
Mining operations must identify creative ways to handle the increased demand for minerals and resources as global economies become even more reliant on mineral sales. As a result, mine operators must ...

Read more...