With the advent of Industry 4.0, organizations have created cutting edge AI-enabled factories that unfortunately remain vulnerable due to long-standing, overlooked cybersecurity flaws. This Industry 4.0 revolution has resulted in the rise of smart vulnerable factories. These smart factories rely heavily on ML (Machine Learning) and AI (Artificial Intelligence), interconnected devices, automation, live data, edge computing, 5G technology, and IoT (Internet-of-Things) devices, which are all vulnerable to cybersecurity attacks.
This session will explore three main concepts; 1) Understand how legacy cybersecurity vulnerabilities create risk in modern manufacturing environments, 2) Explore the reason these issues are still prevalent in “smart Industry 4.0” factories, 3) Critical questions organizations should be asking to effectively secure Industry 4.0 operations against cybersecurity threats.
These “old threats in new systems” are common legacy vulnerabilities found in smart manufacturing factories that are in desperate need of cybersecurity maintenance. Some examples include the use of default usernames and passwords on systems and equipment implemented on the factory floor that an attacker can easily find on the internet. Imagine not changing the default username or password and having the router on the smart factory floor, this is an attacker’s dream!
Other old threats in new systems that will be discussed include: 1) Outdated firmware on IoT devices and unpacked software on applications and systems being used on the smart factory floor, 2) Failure to properly segment the smart factory network from the corporate network—a long-standing issue that organizations can address yet often continue to overlook.
Why do cybersecurity threats continue to persist in smart Industry 4.0 factories? The threats persist due to rapid transition to smart factories and isolated teams failing to collaborate on cybersecurity solutions across the organization. From a cybersecurity perspective, organizations focus primarily on securing IT (Information Technology) systems and not enough attention is given to securing OT (Operating Technology) systems. Recent manufacturing related cybersecurity attacks are occurring at facilities that predominantly have more unsecure OT systems. Discussions will include real world examples showcasing successful attacks exploiting old cybersecurity vulnerabilities, such as the Microchip Technology cyberattack in 2024 that disrupted operations at several manufacturing plants, the Nexperia ransomware attack where the cyber gang stole 1 terabytes of data and asked for a $51 million ransom, and the Taiwan Semiconductor Manufacturing Company ransomware attack in 2018. All of these real-world scenarios resulted in financial damage, production downtime, data loss, and reputational damage.
We will conclude with how organizations can secure their smart factories from known cybersecurity threats. These include immediate calls to action that attendees can implement to eliminate the old cybersecurity threats in the new Industry 4.0 systems.
