Cyber Threat in the Age of Industrial Automation
We are standing at the dawn of the fourth industrial revolution. Industry 4.0 is ushering in a new era of manufacturing, promising to truly break the mould of all we have known before.
Traditional manufacturing processes are merging with automation, robotics, IoT, analytics, AI and augmented reality to create truly intelligent cyber-physical systems, ones which can practically think for themselves. Advanced sensors, machine learning and communication between devices are combining to bring incredible operating efficiencies, increased revenues and the ability to adapt rapidly to changing requirements. According to consultants McKinsey, the potential economic impact of the IoT (Industrial Internet of Things) could be in the region of $6.2 trillion by the year 2025.
In Australia, we are already seeing both the Government and industry embracing this change. The recent signing of the German-Australian cooperation agreement on Industry 4.0 was followed by Siemens announcing the investment of $135 million in the form of an industrial software grant for the Swinburne University of Technology, creating Australia’s first fully immersed Industry 4.0 facility, and one of a number of university innovation accelerators opening around the country. Brisbane-based firm MOVUS have developed an Industrial IoT sensor and machine monitoring solution called FitMachine — “the Fitbit for machines“. Using artificial intelligence, this platform provides proactive monitoring and management of industrial machinery, substantially reducing down time and the need for manual inspections. The Western Sydney BOC Gas plant is set to be the site of a world-first in robotics. A robot cylinder automation system, which integrates advanced laser vision technologies, automatic guide vehicles, robots and 3D cameras, will transform how gas cylinders are sorted and moved around the site. Then there is South Australian Internet of Things (IoT) satellite technology startup Myriota, whose low-cost transmitters will connect hundreds of millions of devices to satellites up in space.
The flipside to all this is, unsurprisingly, the inherent cybersecurity threat that such a colossal attack surface will attract. As information flows between machines, controllers, peripheral devices and external systems, so the risk of cyber intrusion grows. Once malicious attackers have access to a network not only can they steal intellectual property or carry out industrial espionage, they can potentially interfere with process controls to manipulate machines remotely. When you consider that well-known cybersecurity firm Dragos estimating that more than 3,000 malware attacks are occurring per year at industrial facilities, including the oil sector, this is clearly a danger which cannot be ignored.
It does not require much imagination to picture how catastrophic malicious interference in these systems could be. In fact, we only have to look back at the 2017 headlines to get an idea. WannaCry, which was believed to have impacted 300,000 computers across 150 countries in May 2017, bringing the NHS in the United Kingdom to a standstill, resulting in patients being turned away from Emergency Departments and operations being cancelled. The NotPetya attack is estimated to have cost companies more than $1.2 billion USD, and affected multinationals such as Dutch delivery firm TNT and Danish shipping giant Maersk.
In Australia Qantas flights were in disarray after a systems failure impacted bookings provider Amadeus, courier service TNT and the Hobart Cadbury facility, were severely affected as well.
With Gartner predicting that worldwide spending on Internet of Things (IoT) security will increase by 28 percent to $1.5 billion USD in 2018, it appears companies are taking the threat seriously. The question is, do we have the knowledge and resources here in Australia to keep our manufacturing facilities safe?
According to Deloitte, only 2% of Australian business leaders feel highly confident they can fully meet the challenge of Industry 4.0, while the Australian Cyber Security Growth Network estimates that an additional 11,000 skilled experts will be required to meet demand over the next decade. If Australia wants to be at the forefront of the next industrial age, we clearly have some work to do to ensure we are adequately defended against cyber threats. Our workforce will need to be skilled up and switched on, there will be no room for complacency when the (industrial) revolution comes.