Industry 4.0 at Risk as Manufacturers Fail to Patch

Nearly two-thirds of manufacturing organizations run outdated operating systems, putting them at increased risk of WannaCry and other threats, according to new Trend Micro research.

The security firm issued the warning in a new report launched at Hannover Messe this week, Security in the Era of Industry 4.0: Dealing With Threats to Smart Manufacturing Environments.

Data collected from its Smart Protection Network between July and December 2018 revealed just 29% of manufacturers on Windows 10, with the vast majority (60%) still on Windows 7.

What’s more, a significant minority (4.4%) are still running XP — almost double the number of organizations from other industries (2.5%).

As a result of using old and unsupported operating systems, manufacturing environments had a high infection rate with old network-based worms like Conficker. The same IT systems could be dangerously exposed to ransomware and info-stealers targeting corporate IP, Trend Micro argued.

USB-borne malware could also represent a major risk to the sector, given that autorun detections were higher here (26%) than for any other industry, the report claimed. Infected thumb drives were famously used to help spread Stuxnet.

Human machine interfaces (HMIs) on industrial control systems (ICS) could also be exposed to threats, given many are used in isolated environments and therefore may not be adequately protected, or patched often enough, the report found.

In fact, HMIs accounted for the vast majority of reported vulnerabilities (61%) submitted to ICS-CERT last year, to the month of September.

Crucially, although manufacturing systems are often used in isolated environments they are still connected to the public internet for ease of administration, exposing them to remote threats.

While many security reports on the sector hype up the threat of industrial sabotage, this one foregrounds the potential for IP theft.

“Malicious actors could be motivated to steal intelligence on processes, products, or technologies in use, which may include blueprints of confidential designs, secret formulas, or detailed assembly processes,” it noted.

“Computer-aided design (CAD) or document files, for instance, contain proprietary information, and these can be illicitly obtained for the production of counterfeit goods, or even infected or trojanized to enable attackers to gain access to critical systems.”

To mitigate these risks, Trend Micro urged manufacturers to bring IT and OT teams closer together, and to focus on best practices like restricting user access, disabling unnecessary services, prompt patching and updates where possible, and end user education.

What’s Hot on Infosecurity Magazine?