This notification is based on anticipatory analysis of emerging technology vulnerabilities and historical cyber intrusion activities. It is intended for companies and organizations that are using smart manufacturing technologies in their production or research efforts.
The FBI and the National Center for Manufacturing Sciences (NCMS) assess that smart manufacturing technologies and equipment likely are vulnerable to malicious compromise by a variety of cyber intrusion techniques. Such intrusions have the potential to target proprietary design, business, and other manufacturing process information. We have medium confidence in our assessment based on the increasing connectivity of web-based process automation, data analytics, and connected industrial control systems (ICS) involved in modern manufacturing.
Smart manufacturing is often referred to as Industry 4.0 or the Industrial Internet of Things (IIoT) and broadly refers to Web-enabled or networked cyber-physical manufacturing technologies. The integration of network connectivity into manufacturing technologies significantly increases the attack surface for malicious cyber actors, and creates a number of points for penetration or pivoting into other critical network segments.
Production equipment or other advanced technologies associated with smart manufacturing may not necessarily be designed with cyber security in mind. Further, integration of legacy manufacturing equipment into a networked environment may create additional cyber vulnerabilities. As such, security of information technologies (IT) and operational technologies (OT) should be considered in parallel when integrated in a manufacturing setting.
Given the sensitive, proprietary design and process information contained in design and manufacturing process data files, the FBI and NCMS recommend equipment operators and system administrators apply rigorous cyber security practices when incorporating the technologies into their production facilities or hosting the technologies on their networks. Information that transits a manufacturing network should be considered as sensitive as other business-critical information,
and should be protected as such.
Recommendations
The FBI and NCMS recommend that organizations using smart manufacturing systems consider the following cyber security practices, when integrating the technologies in their production environments. In addition to the cyber best practices highlighted at the bottom of this notification, the following seven strategiesa were developed by the FBI, the National Security Agency (NSA), and the Department of Homeland Security (DHS). These strategies are intended for ICS, which can be
found in many of the cyber-physical systems associated with smart manufacturing.
- Implement Application Whitelisting – Can detect and help prevent attempted execution of malware uploaded by adversaries
- Ensure Proper Configuration/Patch Management – Safe importation and implementation of trusted patches can help keep systems secure
- Reduce Your Attack Surface Area – Isolate systems from untrusted networks, disable unused ports and services
- Build a Defendable Environment – Segment networks into logical enclaves and restrict machine-to-machine communication paths
- Manage Authentication – Implement multi-factor authentication where possible and follow least-privilege principles
- Implement Secure Remote Access – Limit remote accesses, consider monitor only access, and eliminate persistent remote connections
- Monitor and Respond – Perform system baselines and monitor for changes, develop detailed response and restoration plans