Various concurrent factors tend to position cybersecurity for industrial systems in the eye of the storm. Regardless of the advent of factories of the future and the full convergence of IT systems (Information technology) and OT (Operations technology), current geopolitical tensions and even the professionalization of cybercrime prompt a growing number of cyberattacks targeted at industrial systems. Caught in a vice, industrial heads must be prepared to confront the ever increasing cyber risk by being aware of the potential impacts to which their systems are exposed.
A threat for all industrial sectors
In the past, cyberattackers targeted IT systems, taking advantage of virtual means to steal information, embezzle funds or engage in industrial espionage or extortion. However, with the convergence of IT and OT worlds, hackers can now reach industrial systems: automated processes, production and HSE (health, safety, environment). Truth be told, the impact of cyberattacks on an industrial system is very different! They can stop production, cause physical damage and even put people’s lives in danger. Not only are financial losses a risk but also material and human losses, and CEOs may be held criminally liable.
No sector is spared from this growing risk. In a manufacturing plant, for example, processing raw material such as chemical reagents, a cyberattacker can interfere with the operations of storage tanks or reactors by threatening to corrupt chemical products if a ransom is not paid. In the transport sector, cyberattackers can infiltrate the control systems to shut off lighting in a tunnel or interfere with the running of traffic signals. Back in 2006 during a strike in Los Angeles, disgruntled employees connected to the city’s network from their homes and caused traffic jams over several days just by reprogramming four traffic lights! A more recent example comes from the energy sector when the FBI publicly announced that ISIS had attempted to hack into the US energy grid.
Aside from these last examples, very few incidents affecting industrial systems are covered on the news! We can also cite the incident at a nuclear power plant in the UK caused by the computer worm Conficker which uses flaws in the Windows Server Service to its advantage, the incident caused by the worm Slammer in the US and the targeted attack of the worm Stuxnet in 2010.
>> Want to find out more on this subject? We recommend reading: The 4 most iconic industrial cyberattacks.
The far-reaching impact
Cyberattacks launched on industrial systems can have a wide range of far-reaching impacts:
Material damage/bodily harm
Modifying the nominal settings of installations could cause physical damage, more often than not in the form of material damage, but in the future who’s to say that it won’t also cause harm to humans?
Loss of profits
Interrupting production sometimes leads to a substantial loss of profits. Modified manufacturing settings could result in the production of non-compliant products which would bring about considerable costs when the production tool is not directly targeted.
Taking malicious control of a system could lead to malfunctions in installations (opening sluice gates to release polluting products, for example) and cause serious pollution to industrial sites and its surroundings.
Loss of manufacturing secrets, counterfeits, advantages for competitors… the consequences of a theft of confidential industrial data are often dramatic from a business point of view for the companies targeted.
The non-compliance with strict regulations can lead to financial penalties (several hundreds of thousands of euros for the military spending law – LPM – in France).
Civil/criminal liability – Image and reputation
Rendering services unavailable, such as cutting off power or water distribution, or providing defective products that could put consumers’ lives in danger can lead to lawsuits for the damage caused but also, in a broader sense, can taint the company’s image in the eyes of its customers on into the future.
Attacks on industrial systems are spreading and diversifying and can have serious consequences on production tools, on production processes and, in some cases, even on staff and the general public. Faced with this context, industrial heads need to stop believing that their infrastructures are untouchable and impenetrable. They must safeguard the security of their installations by taking the right prevention and surveillance measures adapted to their needs.