Why is the industry a target for cybercrime?

By
Cedric Godefroy
January 4, 2022
3
min read
Share this article

Table of Contents

Today, cybersecurity is a major concern in the industrial sector. Beyond data theft or industrial espionage, attacks now target even automation and safety controllers, sometimes going as far as to threaten production systems.

According to the report 2020 from solution provider McAfee, cybercrime now costs the global economy $1 trillion. This amount includes $945 billion in financial losses, plus an additional $145 billion in cybersecurity spending.

Given the incessant stream of attacks targeting businesses, no sector is safe. The manufacturing industry is particularly affected: in 2020, it became the second most targeted sector by attackers, up from eighth position in 2019.

Graphique représentant un cybercriminelle


Vulnerability to Attacks

Industrial companies are more vulnerable to ransomware attacks due to the impact of such attacks on their ability to generate revenue. When a production line is halted, there's no "backup" to restore operations. Production must be restarted at all costs, sometimes prompting industrial companies to pay the ransoms demanded by cybercriminal organizations.

This vulnerability of production systems stems from the convergence between industrial systems ("OT," for Operational Technology) and information systems ("IT," for Information Technology), a trend that seems difficult to reverse. While traditionally, industrial systems—referring to production systems including PLCs and their control stations—were separate from the company's IT systems, interconnections and interdependencies are now far more numerous.

Industry 4.0 and Increasing Network Connectivity

Industry 4.0 is here, bringing with it a multitude of connected objects and sensors to optimize processes and improve automation. This is further compounded by increasingly complex and interconnected applications, as well as a rise in remote maintenance. This shift leads to rapid and increasing network connectivity, de facto expanding the attack surface if network security is poorly managed. A notable, almost absurd, example is a petrochemical industrial company that fell victim to ransomware because of its connected coffee machine…

The Age of Systems

The age of industrial systems is also a primary source of vulnerability. Industrial equipment represents significant investments, and its operational lifespan is planned for several decades, which contrasts sharply with current IT trends where technologies evolve extremely rapidly. It is estimated that in France, an industrial system lasts an average of fifteen years. In the railway sector, systems are designed for a lifespan of 30 or 40 years. In the nuclear sector, power plants have a lifespan of 60 years.

In IT, the timescales are entirely different. For each version of its operating system, Microsoft indeed offers a minimum of 10 years of support (at least five years of mainstream support, followed by five years of extended support), but no OS has been maintained for more than 12 years since Windows XP.

This 'planned aging' makes industrial systems fragile if software updates and application maintenance are not performed correctly.

Widespread Systems

Physical equipment (programmable logic controllers, controllers, regulators, etc.), whether connected or not, is used in very different industries and forms the core of many systems. For example, the same type of programmable logic controllers can be found managing a building's HVAC (heating, ventilation, air conditioning) as on a car manufacturing production line. As soon as a vulnerability is discovered in one of these widely deployed pieces of equipment, all such systems are at risk.

Graphique représentant les actions la politique de sécurité mis en place par SCorp.io.

Conclusion

The industry's characteristics (system lifespan, increase in connected objects) make it a prime target for cybercrime. The risk is enormous, sometimes leading to the shutdown of production facilities. 

Security is a top priority for SCorp-io. SCorp-io positions itself at the center of the convergence between OT and IT, by collecting field data and leveraging it in its cloud module. At SCorp-io, we believe this convergence is crucial for industrial advancement. By securing the various components of its architecture, from field protocols to authentication methods (OAuth2, 2FA), SCorp-io aims to make this transition seamless by protecting industrial data. Other articles on this topic will be regularly published on this blog.

Ready to transform your energy management

Start with a personalized demo or a free audit of your facilities.

Homme d'affaires concentré travaillant sur un ordinateur portable dans un café moderne avec une tasse de café à côté.