03/09/2020 | News release | Archived content
When it comes to automotive manufacturing, industrial control systems (ICS) may be the weak link inviting new types of attacks. Here's what you need to know.
Auto manufacturing has become an increasingly popular target today for industrial cyberattacks. Since 2016, the number of annual incidents has increased by 605%, with incidents more than doubling in 2019 alone.1 One reason - advances and changes in OT have opened up new attack vectors and surfaces.
Legacy ICS in the automotive industry has proven to be durable, but this durability has become a security risk in today's connected world. Most of the original operational technology (OT) networks servicing the automotive industry were not built with security in mind, simply because there was little security risk. They consist of equipment originally designed to be 'air-gapped,' in other words totally isolated - electromagnetically, electronically and physically - from all networks, including local systems and the internet, especially those that weren't secure. However, the convergence of IT and OT, combined with the rapid adoption of IIoT, has yielded new attack vectors that were previously not possible.
Several conditions make auto industry ICS vulnerable:
To mitigate OT risks, you need full visibility into all the operational assets that control sourcing, fabrication and assembly processes. Deep knowledge of all types of devices in the OT network - including patch levels, firmware versions and backplane information - is essential. Also, account for dormant devices not communicating regularly over the network. You can do this at your organization's main location via an on-premises physical device.
Be sure to establish OT security at all sites, so that remote locations have the same mitigation as the main campus. If sites are too small or remote to accommodate additional gear, consider deploying a cloud-based solution. In addition, live feeds can identify new security threats and enable a real-time OT security posture.
Due to the strict production schedule and cost of downtime in automotive manufacturing, it's difficult to stop operations to apply patches when a vulnerability is discovered or even to perform routine maintenance. To ensure vulnerability windows are closed in a timely manner, an effective OT security system should perform regular inventory checks that provide details, including device model numbers, firmware versions, vulnerabilities, patch levels and more. These checks will pinpoint the devices that require maintenance when the plant can be idled and allow for targeted and prioritized operations procedures in the meantime.
When it comes to threat detection, the most effective process combines multiple detection engines:
Want to learn more about how you can overcome OT security challenges? Tenable.ot (powered by Indegy) can help by providing capabilities such as: