Protect PLCs from cyber threats

The Morris worm – created by Robert Morris in 2 November 1988, was one of the first computer worms distributed by the internet, and caused computers to buckle under the stress of unnecessary processing. Since then, cybersecurity threats have endangered computer systems and connected equipment.

Here, John Young, APAC sales director at industrial equipment provider EU Automation has advice for keeping programmable logic controllers (PLCs) safe from cyber-attack:

PLCs manage and control various steps in the manufacturing process. As technologies levied by the Internet of Things (IoT) have improved connectivity, manufacturers can remotely access their PLCs for more flexible maintenance and real-time monitoring.

Connectivity may be one the PLC’s greatest strengths, but it is also its silver bullet. When Dick Morley invented the humble PLC in 1968, the internet didn’t exist. Today, for the PLC to perform its monitoring and control processes, connection is essential. At the same time, it is this connectivity that exposes it to cyber-attacks.

The great PLC hack

Every step forward in the development of the PLC is matched by an advancement in the sophistication of cyber-attacks. The Stuxnet worm was first uncovered in 2010 and is believed to be responsible for causing substantial damage to Iran’s nuclear program by gaining access to computers through a USB.

Although the hack was carried out on an air-gapped facility that wasn’t connected to the internet, the malware ended up on internet-connected devices and quickly began to spread.

When the Stuxnet worm infects a computer, it finds out whether it is connected to a specific model of PLC. The worm then alters the PLC’s programming and therefore impacts the processes in a plant. For example, the worm can cause centrifuges to be spun too quickly and for too long, causing damage to the equipment. Because the PLC is communicating that everything is working as it should, it is difficult for the control system or an employee to detect what’s going wrong until it’s too late. Reportedly, Stuxnet ruined 20 per cent of Iran’s nuclear centrifuges.

Stepping up

As connectivity increases, cyber security must become a top priority. A robust security strategy begins with people. How many members of staff consider cybersecurity as their responsibility? And how many would still use a USB even when not authorised or aware of what’s on it? A need to know policy should be default in any plant and developing the knowledge of staff is a crucial aspect of building a security framework.

Manufacturers can also reduce the risk of cyber-attack by limiting the number of people that access connected devices. Several workers may need to access a PLC to monitor and control various processes on the factory floor. By creating individual accounts that only give the level of access that is necessary to each worker, managers can easily track and monitor their staff’s actions while preventing people from accessing data that they are not trained to handle.

PLCs have very long lifespans. Running an average of 20 years, many in use today have been in operation since a time when cyber security was less of a pressing priority. At the same time, upgrading to the latest PLC on the market can be a major investment, which isn’t always viable for smaller businesses. Manufacturers should partner with a reliable industrial parts supplier, like EU Automation, to ensure they are able to purchase the best PLC for the job.

Manufacturers are constantly stepping up their cyber-security game, but so are cyber-criminals. The Morris worm highlighted security flaws across internet-connected computer systems with disastrous consequences. To limit damage to their plant, manufacturers should prioritize security, one PLC at a time.