This document discusses cyber security challenges in the manufacturing industry. It provides background on the growth of internet connectivity and cyber attacks over time. Key points mentioned include that digitalization is driving industry 4.0 but also increasing security risks. Manufacturing is now one of the most frequently hacked sectors, with nearly half of all cyber attacks targeting small businesses. The document examines past significant cyber attacks like Stuxnet and those targeting Ukraine's power grid. It also notes that the majority of industrial organization's networks remain vulnerable to remote hackers. Finally, it raises important questions manufacturing executives should consider around protecting industrial control systems and networks from internet threats.

1. Cyber Security in the
Manufacturing Industry
New Challenges in the Information Age

2. Source: Deloitte
Industry 4.0

3. Digitalization is the basis …
Industry 4.0
... for the intelligent networking of business processes, things,
plants, components and people and is the key to future success.

4. YES… and what about security ?

5.  World Wide Web was invented in 1989
Facts

6.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
Facts

7.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
Facts

8.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
 Data volumes online will be 50 times greater in 2020 than they were in 2016
Facts

9.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
 Data volumes online will be 50 times greater in 2020 than they were in 2016
 A business will fall victim to a ransomware attack every 14 seconds by 2019,
increasing from every 40 seconds in 2017
Facts

10.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
 Data volumes online will be 50 times greater in 2020 than they were in 2016
 A business will fall victim to a ransomware attack every 14 seconds by 2019,
increasing from every 40 seconds in 2017
 The 5 most cyber-attacked industries in 2015-2018:
Healthcare, Manufacturing, Financial Services, Government, Transportation
Facts

11.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
 Data volumes online will be 50 times greater in 2020 than they were in 2016
 A business will fall victim to a ransomware attack every 14 seconds by 2019,
increasing from every 40 seconds in 2017
 The 5 most cyber-attacked industries in 2015-2018:
Healthcare, Manufacturing, Financial Services, Government, Transportation
 The manufacturing industry is now one of the most frequently hacked sectors
Facts

12.  World Wide Web was invented in 1989
 The first-ever website went live in 1991
 Today there are more than 1.2 billion websites
 Data volumes online will be 50 times greater in 2020 than they were in 2016
 A business will fall victim to a ransomware attack every 14 seconds by 2019,
increasing from every 40 seconds in 2017
 The 5 most cyber-attacked industries in 2015-2018:
Healthcare, Manufacturing, Financial Services, Government, Transportation
 The manufacturing industry is now one of the most frequently hacked sectors
 Nearly half of all cyberattacks are committed against small businesses
Facts

13. Cyber Security
History of cyber attacks

14. Stuxnet: Targeting critical infrastructure
Quelle: ibtimes
 First detection in 2010
 Infected around 100.000 industrial
plants worldwide
 Targeted to Iranian nuclear industry
 Spread over service laptops, USB and
network
 Attack routine only install and initiated
on certain Siemens PLC setups
 Attacked PLC directly by changing
values
 All changes are invisible to operators
Quelle: newscientist
https://en.wikipedia.org/wiki/Stuxnet

15. BlackEnergy trojan strikes again: Attacks
Ukrainian electric power industry
http://www.welivesecurity.com/
 On December 23rd, 2015, around half
of the homes in the Ivano-Frankivsk
region in Ukraine (population around
1.4 million) were left without electricity
for a few hours.
 Prykarpattya Oblenergo, a power
distributor that serves 538,000
customers, says 27 of its substations
went dead.
http://money.cnn.com/
http://money.cnn.com/2016/01/18/technology/ukraine-hack-russia/
http://www.welivesecurity.com/2016/01/04/blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry/

16. CYBER THREAT LANDSCAPE IN UKRAINE
2014-2016
https://boozallen.com/content/dam/boozallen/documents/2016/09/ukraine-report

17. ICS SECURITY: 2019 IN REVIEW
73 percent of industrial organizations’
networks are vulnerable to hackers
(Positive Technologies testing in 2018),
Most vulnerabilities detected can be
exploited remotely without needing to
obtain any privileges in advance.
The research revealed 175,632 ICS
components accessible online.
https://www.ptsecurity.com/ww-en/about/news/

18. https://www.ptsecurity.com/ww-en/about/news/
Number of Internet-accessible ICS components, by country

19. Internet-Facing Industrial Control Systems
https://4sics.se/john-released-an-ics-world-map-at-4sics/

20. Internet-Facing Industrial Control Systems
https://www.shodan.io/
Rather than to locate specific content on a particular search
term, SHODAN is designed to help the user find specific nodes
(desktops, servers, routers, switches, etc.) with specific content
in their banners

21. Questions every executive
should consider regarding
cybersecurity

22. Network security - Industrial vs Office IT
Preference Industrial IT Network Office IT Network
Priorities order
(availabilitiy, integrity, confidentiality)
Life Cycle (years)
Data communication (delays accepted, real
time?)
Network availability (losses accepted?)
Patch management (updates frequency)
Location of security hardware (decentralized
vs centralized)
IT security implementation level (low – high)

23. Network security - Industrial vs Office IT
Preference Industrial IT Network Office IT Network
Priorities order
(availability, integrity, confidentiality)
1. Availability
2. Integrity
3. Confidentiality
1. Confidentiality
2. Integrity
3. Availability
Life Cycle (years) 10 -20 years 3 - 5 years
Data communication (delays accepted, real
time?)
Real time Delays accepted
Network availability (losses accepted?) 24/365 Losses accepted
Patch management (update frequency) Infrequent Frequent
Location of security hardware
(decentralized vs centralized)
Decentralized Central
IT security implementation level (low – high) Low or none High

24. Is our Industrial Control Systems
(ICS) environment protected from
the Internet and how have we
validated that?
Industrial IT Security
Important questions

25. Who is the manager ultimately
responsible for cybersecurity or
do we rely on third-party support?
Industrial IT Security
Important questions

26. Do we have remote access to our
ICS network? If so, why do we need
it, and how is it protected and
monitored?
Industrial IT Security
Important questions

27. Industrial IT Security
Estimated costs of security failure
1 Data loss:
Suddenly, your entire data is lost. What would be the costs for reconstructing the data?
Euro _______
2 Loss of know-how:
Your competitor gains access to your confidential data (characteristic data, construction plans etc.). How great would
the damage be for You? Euro _______
3 Downtimes:
Due to a security problem, the production site stands still for several hours. How much would that cost You?
Euro _______
4 Employees' working hours:
How many working hours of your employees would You have to invest to compensate for the results of a security
failure? Euro _______
5 Hijacking of your computers:
How great would the communication effort be if a stranger used your (!) computer to spy on or attack a third party?
Euro _______
6 Reputation:
How great would the damage to your reputation be if your customers would not trust You any longer?
Euro _______
Total: Euro _______

28. Industrial IT Security
POTENTIAL RISKS

29. Production plant defense concept
Plan security
 Physical access protection
 Processes and guidelines
Network security
 Network segmentation
 Cell protection
 Firewall and VPN-Access
 Authentication
 Firewall logging
System integrity
 Patch management
 White listing
 Virus scan

30. Industrial IT Security
Identify all possible RISKS and
avoid them

31. Let’s connect on

32. Thank you
and keep your assets protected!