Cybersecurity Concept Image 3 63851dfeca4ff

Cope with change—protect PLCs

Dec. 1, 2022
Cybersecurity week 2022—day 4: Huffman Engineering advises following real-life and IT examples

Beyond simply multiplying, cyber-probes, -intrusions and -attacks are growing more sophisticated, and requiring users to protect entire systems instead of single access points.

“Cyber-criminals used to focus on taking control of a PLC, but now we’re seeing them attempt to gain access to the entire network through PLCs. That kind of access can be absolutely debilitating to a plant or public utility,” says Keith Mandachit, PE, engineering manager at Huffman Engineering Inc., a CSIA-certified system integrator in Lincoln, Neb. “These hackers are attempting to exploit the network through the engineering workstations, and any disparity between your IT and OT operations can open a window of opportunity for an attack we’ve seen called ‘Evil PLC attack.1’ ”

To handle the everchanging risk posed by cyber-threats, Mandachit reports that users must constantly and consistently educate and communicate among their staffs, contractors and clients. “Looking outside of your organization to learn of real-life examples and passing that knowledge onto you own stakeholders is imperative. The stakes are high as these attacks grow more sophisticated, so it’s not just about controlling your own internal processes anymore,” he explains. “Limiting access points is key to defending against attackers weaponizing PLCs. This includes managing the risk of allowing a third party’s external team to connect a laptop to your network and systems."

Mandachit reports that cybersecurity mitigation strategies should include:

  • Conduct a cybersecurity risk assessment (RA) and asset inventory to determine risk tolerance and budgetary plan;
  • Communicate with all stakeholders, such as operators, IT, automation engineers and management;
  • Limit access to PLCs with policies and procedures that control access, and allow only approved and vetted personnel access to applicable systems;
  • Monitor network traffic and analyzing it for unusual events, such as uploading and downloading PLCs with automated notifications;
  • Segment networks to reduce the risk of an attack infecting overall networks; and
  • Stay current with patches and other software updates.

“Reputable system integrators will regularly monitor and communicate updates with customers,” adds Mandachit. “These strategies used in conjunction can provide a unified front across your organization to help combat attacks.”

Converge and coordinate 

Just as cooperation between OT and IT can aid all kinds of digitalization, it’s also one of the most crucial ways to achieve cybersecurity.

“It’s always a challenge to get the IT and OT departments to work together. Both have important initiatives to accomplish but finding an effective balance for the entire organization can be difficult,” says Mandrachit. “Vulnerabilities can be exposed when the IT and OT departments can’t find the middle ground between security risk and production. If OT won’t budge on allowing the latest security updates, that exposes them to the risk of the newest cyber-attacks. If IT doesn’t recognize the importance of a continuous schedule, production goals can’t be met. These two have to find a middle ground, and often a certified control system integrator, who understands the importance of both areas when it comes to cybersecurity, can stand in the gap and help bring them together.”

About the Author

Jim Montague | Executive Editor

Jim Montague is executive editor of Control. 

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.