In collaboration with the Politecnico di Milano (Polytechnic University of Milan), Trend Micro has prepared a research report on new attack methods on critical Industry 4.0 environments. Intelligent manufacturing systems are capable of far more than just performing the tasks for which they are usually used. It is precisely this aspect that makes intelligent manufacturing systems interesting for attackers who, among other things, can try to smuggle malicious code into the system undetected.
The potentially weak links in the security chain include the Manufacturing Execution System (MES), human-machine interfaces (HMIs) and individually adaptable IIoT devices. With the endangered systems and machines, there is a risk that an attack could lead to damaged goods, malfunctions, changes in work processes or the manufacture of defective products.
- Recommended defense and containment measures include
- Deep packet inspection that supports OT protocols to identify anomalous payloads at the network layer
- Regular integrity checks on endpoints to identify changed software components
- Code signing on IIoT devices to include dependencies such as third party libraries
- Expansion of risk analyzes to take automation software into account in addition to physical safety
- Complete chain of trust for data and software in intelligent manufacturing environments
- Discovery tools to identify vulnerable or malicious logic for complex manufacturing machines
- Sandboxing and privilege separation for software on industrial machines
More on this at Trendmicro.com