Are your industrial networks vulnerable to cyber attack?

Increasingly complex network systems can make preventing and detecting attacks more difficult.

your industrial networks vulnerable to cyber attack?

Over the last several years, cybersecurity has grown from a fringe topic to a major concern within the industrial networking community. In that time, networking professionals and manufacturers have gone from asking why network security was important to how networks can be secured most effectively and efficiently.

Simultaneously, the US federal government has become more involved in cybersecurity issues, with President Obama signing the Executive Order—Improving Critical Infrastructure Cybersecurity—in February 2013. On March 12, 2013, General Keith Alexander testified to Congress about the Pentagon Cyber Command plan to set up 13 cybersecurity teams by 2015 to aid in large-scale cyberattack defense. 

Should food and beverage manufacturers be worried about a growing security vulnerability in their operation? According to the Mandiant Report, an annual document compiled from numerous advanced threat investigations, manufacturing is one of the top-10 most targeted industries for cyber attacks.

According to the 2012 Cost of Cyber Crime Study from the Ponemon Institute, the cost of attacks within the US in 2012 was $8.9 billion. A Foreign Policy National Security Newsletter recently estimated the number much higher, at as much as $338 billion annually. Thomas Nuth of Hirschmann Automation and Control for Tofino Security thinks the second number is high, but “the fact remains—poor security is getting expensive. And a large portion of this total loss is incurred within the industrial automation and energy sectors.”

Industrial automation and infrastructure networks are so vulnerable to attack because most were built with reliability, not security, as the primary goal. “In a very real sense, all infrastructures are built on the industrial infrastructure base,” says Nuth. “The concept of the ‘network of everything’ that futurists and city planning commissions have spoken about optimistically for years has arrived.”

And with that network comes a host of industrial security challenges. As infrastructures grow in size and complexity, attackers can remain undetected for longer periods. Mandiant puts the median number of days before an advanced threat is discovered at 416, giving attackers time to inflict greater damage on the victim.

As attackers’ capabilities have grown, enterprise IT teams must keep up with tools including best-practice, deep-packet inspection capability in the field and zone protection network segmentation. A major problem, according to Nuth, is that IT solutions teams tend to focus on preventing the loss of confidential information rather than the reliability and integrity of the system.

In process automation, a central distributed control system (DCS) typically links to six or more auxiliary networks. These networks could include a safety instrumented system (SIS), sequence of events (SOE), analysis management data acquisition systems (AMDAS), plant information management systems (PIMS), vibration monitoring systems, position location systems, alarm management systems, fire and gas systems and building automation systems. While the diffusion of networks has led to increased profitability and industrial efficiency, without sufficient attention to security considerations, they only serve to increase cybersecurity vulnerability.

So, how can SCADA networks be secured? One important tool is the use of industrial security standards such as ISA/IEC 62443 (formerly ISA-99). Tofino offers a white paper on ICS and SCADA security available for download here.

It’s also important to use robust technology solutions designed for the manufacturing plant floor that can be integrated with industrial network management systems. According to Nuth, manufacturers should also deploy firewalls securing industrial protocols as well and practice zone-level security for defense in depth. Lastly, automation security benefits from open and effective collaboration between IT and engineering teams, facility management and workers.

Did you enjoy this article? Click here to subscribe to Food Engineering Magazine.

Recent Articles by Shane O'Halloran

You must login or register in order to post a comment.



Image Galleries

IPPE 2015

The 2015 International Production and Processing Expo (IPPE) was held in Atlanta at the Georgia World Congress Center, Jan. 27-29. More than 30,000 poultry, meat and feed industry representatives attended the event to interact with the 1,288 exhibitors on the show floor that covered more than 490,000 net square feet. At the show exhibitors demonstrated innovations in equipment, supplies and services utilized by firm in the production and processing of meat, poultry, eggs and feed products.


Burns & McDonnell project manager RJ Hope and senior project engineer Justin Hamilton discuss the distinctions between Food Safety and Food Defense as well as the implications for food manufacturers of the Food Safety Modernization Act.
More Podcasts

Food Engineering

Food Engineering March 2015 cover

2015 March

In this March 2015 issue of Food Engineering, we explore how a surprise FDA audit could be serious if you're not recording key data.

Table Of Contents Subscribe

FSMA Audit

What is the is most important step you have taken to become ready for a FSMA audit?
View Results Poll Archive


Food Authentication Using Bioorganic Molecules

This text provides critical tools and data needed to augment routine food analysis and enhance food safety by aiding in the detection of counterfeit, and potentially deleterious, foods.

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


FE recent tweets

facebook_40.pngtwitter_40px.pngyoutube_40px.png linkedin_40px.pngGoogle +

Food Master

Food Engineering Food Master 2015Food Master 2015 is now available!

Where the buying process begins in the food and beverage manufacturing market. 

Visit to learn more.