When robotics are used with industrial control systems for production, replacing manual labour and improving business efficiency, they can become a target of cyber attackers.
That, at least, is the fear of the majority of employees surveyed by Kaspersky in manufacturing companies in South Africa. Almost three quarters (73%) believe that, because of possible cyberattacks on robots, there are significant risks, and 53% think that production processes run by robots can be disrupted and stalled for several weeks or even longer.
Only 18% of employees believe disabled robots can be fixed immediately in case of a cyberattack, and 21% say it would take a few days. More than half of employees (53%) expect that recovery operations would take a significantly longer time: 44% said it would take from a few weeks to half a year, 4% think it will take from 7 months to 1 year, and 5% believe the production outage in case of a cyberattack on robots would last for more than a year.
“In our research we asked respondents to assess not only the level of robotisation at their companies but also their ability to resist related cyber risks,” says Andrey Suvorov, head of the KasperskyOS business unit. “It turned out that many employees had mixed feelings when assessing how protected robots are.
“They are confident that it’s necessary to pay more attention to their security and skeptical about how quickly a robot can recover after a cyber incident. In fact, we face the concerns about the modern industrial IoT systems proper work and protection, with all the variety of complicated smart devices inside. That’s why we offer Cyber Immune solutions to protect specific enterprise units or the entire IT-system, making industrial robots, ICS machines or autonomous vehicles immune to most cyberattacks without using applied security tools.”
To keep industrial computer systems protected from various threats, Kaspersky experts recommend:
- Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues.
- Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public.
- Performing timely updates of key components to the company’s OT network; applying security fixes and patches or implementing measures to compensate as soon as it is technically possible. This is crucial to preventing a major incident that might cost millions due to the disruptions to the production process.
- Using Industrial EDR solutions such as Kaspersky Industrial Cybersecurity for Nodes with EDR for timely detection of sophisticated threats, investigation, and effective remediation of incidents.
Enhance your response to new and advanced malicious techniques by developing and strengthening the incident prevention, detection, and response skills of your teams. Dedicated OT security training for IT security teams and OT personnel is one of the key measures to help to achieve this goal.
* The full report can be viewed by clicking here.