Securing UK Manufacturers from Cyber Attacks with Cyber-Physical AI (Guest blog by Exalens)
Manufacturers have been transforming their operations to harness the power of connected devices to optimise production, but this move to enhance operational output has opened the door to new threats– cyber criminals eager to take advantage of gaps in the system.
According to IBM’s X-Force Threat Intelligence Index, manufacturing ranked as the most targeted industry by cyber attacks in 2021. This unfortunate prize used to be awarded to financial services, but the landscape has shifted and so has the focus of threat actors.
Let’s look at the nature of these risks, and actions that manufacturers can take to minimise the impact of cyber attacks using artificial intelligence (AI).
Risks that manufacturers are facing
Many businesses operate under the misconception that they are unlikely targets and that cyber criminals prefer to infiltrate larger enterprises. But it’s shown that attacks are more likely to occur on the vulnerable. Cyber criminals of all stature are searching for the path of least resistance– casting a wide net for easy marks to compromise and extort.
Ransomware was observed as the primary method of attack against manufacturers (after initial access was gained). Malicious actors find vulnerabilities in a system, gain access, encrypt its contents (and in various cases steal it as well), then demand payment to release the data back to its owner.
Ransomware as an attack may have multiple other vectors leading to it. Malware (malicious software), a broad term which ransomware falls under, represents a host of programs used to gain control of a system and cause harmful actions (locking devices, disrupting system processes, deleting, corrupting data, or stealing data etc). Phishing operations (social engineered emails luring people to fake websites to extract sensitive information, or with infected file attachments that will compromise their system) have also been a key area of exploitation. All of which provide an entry point to compromise a company and need few resources to execute.
Mitigate risk with the fundamentals
The first step to cyber defence requires a cultural mindset and alignment from the organization and teams on strategies and measures. This means creating policies to patch and update firmware and operating systems and enforcing security protocols for secure passwords, keys, and multi-factor authentication. Manufacturers should have a system backup and restore strategy and need to build a network map with their interconnections.
This is not an exhaustive list, but it can act as a starting point. There are always new tactics being used by criminals, so this is often a one-sided interaction. Organizations find themselves playing catchup in a never-ending game of attack and defence.
But there are new developments using AI that further mitigate risks and reduce incident response time so that manufacturers can stay resilient in the face of attacks.
Build resilience to cyber attacks with cyber-physical AI
Resilience is the key objective to prioritise when it comes to cyber attacks, because threats are inevitable, and we cannot eradicate the source of every malicious attempt – no matter how many preventative controls we may put in place!
The challenges add up for manufacturers because they are entering a new paradigm with cyber-physical interconnections. IT and OT systems now interact to optimise production with connected devices. But this ever-growing interplay between the digital and physical world compounds the demand for cybersecurity. Digital transformation for operators means understanding new and probable risks, dealing with an increased load of data processing, time restraints to coordinate growing complexity, and a skills gap between available human resources and the necessary experience to manage these workflows.
Through research I conducted with other leading academics, we categorised cyber-physical threats and their impact on smart environments and used deep learning models to detect cyber-physical intrusions. Our research showed that AI offers scalable solutions to support the growing cyber-physical security demands on smart environments. This research background led me to co-found Exalens where we focus on securing smart manufacturers with cyber-physical AI – which intelligently combines both computer-related and physical process data to improve the way in which operational threats are detected and categorised.
Cyber-physical security may be a new term to some, but it is a more complete description of what manufacturers are facing. Visibility across the interconnection of every system adds complexity but is vital for security. AI allows us to utilise data from cyber-physical systems to test and train models, then automate processes.
The benefits of cyber-physical AI for manufacturers include:
- Real-time visibility and correlation between IT and OT systems
- Automated detection and classification of threats and faults (e.g., cyber attack vs equipment failure)
- Increased speed of incident detection
- Reduction in operational downtime
- Reduced burden on the workforce
- Reduction in human error
- Improved oversight, responsiveness, and serviceability by IT and OT teams
The pathway for manufacturers going through their digital transformation journey requires a first step– establishing a firm foundation of cybersecurity protocols and solutions. The next step forward for manufacturers building resilience to cyber attacks requires scalable solutions that leverage the power of cyber-physical AI to automate processes. This reduces the burden on the team, improves cyber-physical visibility, and speeds up response time to threats, which increases resilience and reduces downtime.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Upcoming events
Get involved
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.
Authors
Dr Ryan Heartfield
Dr. Ryan Heartfield Co-founder and CTO/Chief Scientist at Exalens. He has over a decade of experience in combatting complex cybersecurity threats through AI-driven threat detection and incident response capabilities, and dynamic software-defined network security architecture.
