A new cybersecurity risk with direct impacts on most manufacturers has recently been discovered. The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) on Wednesday. The CSA warns that specific advanced persistent threat (APT) actors have exhibited the capability to gain complete system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices.
The affected devices often serve as the interface between traditional computers and control systems such as PLCs, actuators, and sensors in industrial equipment and manufacturing operations. Specific devices mentioned include:
- Schneider Electric programmable logic controllers (PLCs),
- OMRON Sysmac NEX PLCs,
- Open Platform Communications Unified Architecture (OPC UA) servers.
CIRAS recommends that manufacturers take the following actions:
- Conduct an audit of your factory and operations to identify all potential hardware impacts. These PLCs and OPC UA servers may be present in your plant control/automation systems or within purchased machines such as CNC equipment, mixing systems, and more. Work with an IT or cybersecurity professional to implement mitigations provided in the CSA and establish them as permanent practices with an incident response plan in place.
- Conduct a product audit to identify any products you sell or have sold that include hardware that is impacted. Communicate with your customers the potential impacts and recommendations.
- Conduct a supply chain review to understand the extent of potential impacts on your supply base. A brief survey of all direct suppliers can provide valuable insights.
- Update your capital equipment purchasing process to understand the controllers used when purchasing equipment to ensure you make informed procurement decisions.
Most companies have digitized their information and some part of their business operations to stay relevant and competitive in this economy. Safeguarding data and information remains a priority and has become a risk management proposition. Data breaches that expose sensitive, confidential, or proprietary information can be costly and not just in terms of the immediate monetary impact on productivity and sales revenues. Additional damage to intangible assets like reputation and customer goodwill can also be substantial. The Iowa Manufacturing Needs Assessment indicates that cybersecurity is one of the most implemented initiatives among Iowa manufacturing companies.
CIRAS is partnering with four Iowa cybersecurity firms for a timely presentation on protecting companies from a cyberattack. The workshop, “Secure Your Business,” will be held Wednesday, June 1st, at the Digital Manufacturing Lab in Ames or virtually. Join your peers, and explore the solutions and innovations shaping the future of Cybersecurity.
For more information, contact Shankar Srinivasan at srigshan@iastate.edu or 515-290-6702.