Category: Business • By: Stephen LaMarca, Manufacturing Technology Analyst, AMT - The Association for Manufacturing Technology • Jan 11, 2022
You're no dummy. But you're no cybersecurity expert either. Sound familiar?
Well, courtesy of a manufacturing cybersecurity expert we happen to know, here are some tips to get you beyond cybersecurity 101 and ensure the safety of both your assets and your employees. Kyle Saleeby, Ph.D., a staff engineer with Oak Ridge National Laboratory, joined the lab's Thomas Kurfess, Ph.D., and Lonnie J. Love, Ph.D., for a recent webinar, Practical Cybersecurity for Manufacturing Operations, hosted by AMT – The Association for Manufacturing Technology to talk level two cybersecurity.
A Review — Level One (or, What the IT Dept. Thinks (Hopes) You Already Know)
- Attacks are usually due to unintentional human error. Most serious cyber attacks are traced back to someone who simply forgot to follow basic cyber safety hygiene.
- Don't click on bad links. If it looks bad, it probably is. If you get a warning about clicking on a link, listen. Think critically about each action you perform.
- Don't open unknown or flagged emails. Again, if it looks suspicious, it probably is. Listen to the filters! Err on the side of caution and don't open it. (Also: You didn't win a million dollars. And you aren't about to inherit a windfall from a long–lost relative. Sorry!)
- Don't use unknown flash drives. Flash drives are critical tools in modern manufacturing workflows, but for each flash drive, you need to know where it came from, that it is formatted correctly, and that it is approved for use in your current machine/computer before you plug it in. Plugging in a flash drive is like opening a door to the machine/computer/network. Know who's knocking before you open!
- Don't plug your phone into a machine. Even if it's almost dead. Even if your significant other — or your mom — might call. Find somewhere else to charge your personal device (like an outlet, or your car, or the break room — NOT a machine tool). Consider buying power–only USB charging cables, too!
Level Two — Time for Cybersecurity 202
Going just a little bit further than the basics can make a substantial difference in the level of security on the shop floor. Whether you are running operations or an individual machine, it pays to play it safe when it comes to cybersecurity.
- Institute flash drive best practices.
- Don't immediately use freebie flash drives from trade shows. They are generally made by foreign, uncertified vendors and could contain malicious code without the company who distributes them even knowing about it.
- Re–format ALL flash drives on a separate computer. (See point one!) Even flash drives from reputable vendors should be wiped clean before they are used.
- Use flash drives with ONLY one machine. Do not use a common pool of flash drives.
- Invest in lockable USB–port plugs that cannot be removed from machines. These prevent unauthorized use of USB devices.
- Don't use Dropbox to share files from computers to machines. There are safer options available. Check out SMB, a file–sharing protocol developed by Windows.
- Do not used default router or computer passwords. If your password on any part of your network is “password,” you have a problem. Same goes for “admin” as a username. Every operator should have an individual, unique login.
- Do not use the same network for machines and personal devices. You should have separate Wi–Fi networks for personal use and for guests.
- Encrypt files. Don't transfer un–encrypted sensitive manufacturing information to or from your machines! There are many windows–based solutions for encryption.
- Limit network access. No one needs to know machine network names except the IT person controlling them. Names can be easily hidden.
- Change the pre–shared encryption key. This key is the basis for communication between a computer and the network. By changing it, you can prevent access.
- Decrease power levels for broadcast of Wi–Fi to machines to the minimum level necessary to get a signal at the machine. The signal shouldn't extend to the parking lot!
- A strong and protected network is your first — and best — line of defense against cyberattacks.
- Emphasize that cybersecurity is everyone's job.
Gain insight from the engineers at the Manufacturing Demonstration Facility at Oak Ridge National Laboratory. Listen to their on–demand programs by going to IMTS.com/Programs and searching “Tom and Lonnie Chat Series.”
Charged with ensuring that our country's manufacturing sector thrives, Kurfess and Love are blazing new trails by asking “what if” questions and whittling away the kinks in the last step of manufacturing technology products before market. These conversations are your chance to hear about the transformative technologies emerging within the industry.
About the Author
“Stephen LaMarca is AMT’s manufacturing technology analyst. He has a background in physics and a passion for all things mechanical, namely automobiles, clocks and wristwatches. He’s pretty sure he has the best job at AMT. He oversees and runs experiments on AMT’s manufacturing testbed, which includes a 5-axis horizontal CNC mill. Stephen is an enthusiastic IMTS TV and IMTS Network correspondent who injects humor into technical subjects. He also hosts the AMT Tech Trends podcast with Ben Moses, Technical Director. Stephen also tracks the research and development throughout the industry that goes into the stuff you see at IMTS!”