How Important Is Cybersecurity in Industrial Plants?

The networked world is vulnerable. It was only recently that the WannaCry and Petya ransomware attacks crippled the IT at global companies, such as Beiersdorf and Maersk. Dr. Alexander Horch, Head of Research, Development and Product Management at HIMA, talks about the risks of cyberattacks on industrial plants.

Mr. Horch, the threat of cyberattacks is growing. This not only puts information security at risk, but also plant safety. The most famous example is the attack on a German steel mill where hackers took control of a furnace and caused serious damage. How do plant operators protect against this danger?
Dr. Alexander Horch: Manufacturing plants are only completely safe when they combine functional safety and cybersecurity. This means that employees and the environment must be protected from the dangers that plants present. On the other hand, IT security is required to secure plants against attacks and manipulation. This includes industrial espionage as well as interference with production processes. Plant operators have to be aware of these risks and actively address them. This is a significant challenge as there are many factors to consider.

Which measures must companies actively adopt in order to ensure that manufacturing plants are not only functionally safe, but also cybersecure?
You always have to consider cybersecurity from the outset and not implement it retrospectively. International standards therefore require that process control and safety systems are separated from one another. Safety-oriented automation solutions should provide effective protection against cyberattacks, as well as a reliable emergency shutdown system. This is specified in IEC 61511, the standard for functional safety in the process industry, and IEC 62443 for cybersecurity. Separate systems are also included so that no critical errors can occur in safety-relevant processes when the control system is updated. Furthermore, systematic errors are eliminated due to the process control system level and the safety level not using the same components at the same time.

Cyberattacks are characterized by the fact that each one is different. Plant operators are constantly at risk. How can they deal with this?
No existing technology can offer protection against newly emerging attack opportunities. Attack scenarios are constantly changing. Plant operators, manufacturers, and system integrators therefore must always bear in mind that security requires regular action. For this reason, companies should frequently check internal networks and conduct penetration tests, for example. They should also familiarize their employees with the risks of phishing and social engineering, where hackers attempt to obtain data to access protected systems.

What role do people play in general when it comes to minimizing the risk of cyberattacks?
Attackers can target specific people in order to steal industry secrets or disrupt production processes. If a hacker knows a password, the attack becomes an incredibly easy task. But people can also cause these disruptions through negligence. Dedicated access protection can safeguard against this. Regular security training is also strongly recommended.

Dr. Alexander Horch, Head of Research, Development and Product Management at HIMA

