Honeywell Report Reveals “Silent Residency” Is Driving Escalating Cyber Threat

The sixth Honeywell cybersecurity research report concludes that yes, you are being targeted, and maybe not where you expect it. And yes, humans are still the most vulnerable link in the cybersecurity defense Maginot line.

  • New research indicates increasing sophistication of cyber criminals targeting operational technology (OT) and the industrial sector
  • USB devices continue to be leveraged as part of larger cyberattack campaigns aiming to manipulate rather than exploit

New research from Honeywell provides insight into just how dangerous unchecked USB devices can be in operational technology (OT) environments. Honeywell discovered that adversaries are now using USB devices to gain access to industrial control systems, where they can hide and observe operations before launching attacks that leverage the inherent capabilities of the systems, known as “living off the land” (LotL) attacks. These attacks are less dependent on exploiting vulnerabilities and more focused on collecting information, evading detection and manipulating the target systems.

“Targeted cyber-physical attacks are no longer about zero-day exploits that take advantage of an unknown or unaddressed vulnerability. Instead, they are more about silent residency – using LotL attacks to wait until there is an opportune moment to turn a system against itself,” said Micheal Ruiz, vice president of OT cybersecurity for Honeywell.

According to the report, most of the malware detected on USB devices by Honeywell’s Secure Media Exchange could cause loss of view or loss of control of an industrial process, a potentially catastrophic scenario for operators.

The 2024 report is based on the Honeywell Global Analysis, Research and Defense (GARD) team’s tracking and analysis of aggregated cybersecurity threat data from hundreds of industrial facilities globally during a 12-month period.

Several of the report’s additional key findings included:

  • USB devices continue to be used as an initial attack vector into industrial environments, as 51% of malware is designed to spread via USB, a nearly six-fold increase from 9% in 2019.
  • Content-based malware, which uses existing documents and scripting functions maliciously, is on the rise, accounting for 20% of malware.
  • Over 13% of all malware blocked specifically leveraged the inherent capabilities of common documents, such as Word, Excel and PDF documents.
  • Malware can cause significant impact, such as loss of view, loss of control, or system outages in OT environments. 82% of malware is capable of causing disruption to industrial operations.

Secure Edge Management to Disconnected Environments

In brief:

  • Companies can now monitor and manage fleets of edge nodes locally, ensuring continuous secure operations even when cloud connectivity is disrupted.
  • ZEDEDA Edge Sync is the first edge solution that enables customers to manage deployments locally and from the cloud, providing the flexibility to move to the cloud from air-gapped environments.
  • ZEDEDA Edge Sync is the latest addition to ZEDEDA’s Edge Application Services suite. It simplifies the security and management of edge infrastructure and applications at scale.

ZEDEDA continues to update its edge orchestration solution. This update expands its utility.

ZEDEDA, the leader in edge management and orchestration, today announced ZEDEDA Edge Sync, a secure and convenient solution tailored for air-gapped environments and edge deployments lacking consistent cloud connectivity.

Despite advancements in connectivity at the edge, many deployments still face network challenges due to their distributed nature, ultra-secure systems or unreliable connections. ZEDEDA Edge Sync solves these problems by enabling local node management while seamlessly integrating with ZEDEDA’s platform.

Due to their distributed nature, modern edge deployments confront numerous network connectivity challenges. Edge deployments often lack consistent cloud connectivity due to high-security air-gapped environments, unreliable network connectivity, or frequent planned outages. ZEDEDA Edge Sync solves these problems by running on a local network regardless of the network connectivity method and connecting to the ZEDEDA cloud controller when connectivity is restored.

For example, it may be common for a location’s network connection to get interrupted for some time, either planned or unplanned. To avoid any service interruption during the outage, the site operator can ensure that edge nodes are functioning properly and that configuration changes are possible while the outage persists.

This applies even to completely air-gapped deployments where the device can never connect to the outside world once it is deployed. ZEDEDA Edge Sync allows monitoring and changes at a fleet level as long as the local edge nodes have access to the network the ZEDEDA Edge Sync service is on. It eliminates the need for expensive hardware components by running on standard systems and supports varying levels of disconnectedness without compromising functionality.

ZEDEDA Edge Sync provides a management and monitoring API that enables customers to build their own custom integrations, applications, and HMI interfaces on top of it, leveraging ZEDEDA’s API-based approach.

ISASecure Issues First Security Level 3 Certifications for ISA/IEC 62443 Cybersecurity Standards

I haven’t had word from ISA for quite some time. And especially the cybersecurity certification program. This news concerns GE Power Conversion’s HPCi Controller achieving cybersecurity Security Level 3 certificates of conformance. Congratulations.

The International Society of Automation (ISA) announced that its ISASecure cybersecurity certification program has issued the world’s first Security Level 3 (SL3) certificates of conformance. The ISASecure program certifies conformance to the ISA/IEC 62443 series of internationally recognized automation and control systems cybersecurity standards.

Among the first automation products to achieve this challenging security classification is GE Power Conversion’s HPCi Controller.

“We are pleased to see GE taking a leadership role in securing automation that affects our everyday lives,” said Andre Ristaino, managing director, ISA conformity assessment programs. “Securing products to SL3 surpasses the minimum SL2 needed to defend against intentional cyber attacks.”

The ISASecure SL3 certification provides confidence to GE Power Conversion customers that the HPCi Controller is free of known cybersecurity vulnerabilities and is robust against network attacks, and independently confirms conformance to ISA/IEC 62443-4-2 SL3 security requirements. This is the world’s first ISASecure CSA 1.0.0 Level 3 certification.

Following soon after GE, Bitron Electronics also completed the necessary requirements to pass the SL3 certification evaluation, making Bitron the second supplier to achieve this advanced certification level under the ISASecure certification scheme.

“With two SL3 certifications already complete, these certifications further demonstrate the marketplace’s growing acceptance of the ISASecure ISA/IEC 62443 conformance scheme as the leading certification scheme on the market today,” said Brandon Price, senior principal for industrial cybersecurity at ExxonMobil and ISASecure board chair.

Companies that choose to achieve higher levels of certification understand how to apply the ISA/IEC 62443 standards and recognize the value of protections and assurances they provide to their end-user customers. As the need for advanced security protection grows, ISASecure certifications – recognized and accepted globally – continue to be the most sought-after certification specified by end users.

ISASecure recently published a whitepaper describing the value of securing automation and control systems to SL2 or higher. “The Case for ISA/IEC 62443 Security Level 2 as a Minimum for COTS Components” is available for download on the ISASecure website.

Advantech Establishes Collaboration with Qualcomm

Catching up on some back news. This is part of the flurry of news around chipmaker partnerships with computer hardware suppliers. This one is Advantech, a Taiwan-based computer manufacturer, and Qualcomm Technologies. I have not had a conversation with Advantech for years, but they’ve always been an interesting company not shy about touting their advances as you can see in their release.

They are no less than revolutionizing edge computing.

Advantech proudly announces its strategic collaboration with Qualcomm Technologies, Inc. to revolutionize the edge computing landscape. This effort, combining AI expertise, high-performance computing, and industry-leading connectivity, is set to propel innovation for industrial computing. This collaboration establishes an open and diverse edge AI ecosystem, paving the way for best-in-class solutions tailored to AIoT applications. The announcement was also made at Embedded World 2024.

Oh, and everyone is also touting AI. Advantech’s goal is to develop an advanced lineup of Edge AI Platforms and a dedicated Edge AI SDK for edge AI applications.

Opto 22 celebrates 50 years!

I first met Opto 22 back in the early 90s when I searched for a solution to connect one of my Allen-Bradley devices to a Modicon PLC and discovered their solid state relays. I could at least send digital signals. (Note: I didn’t get the job.) Later I stopped by their booth at a trade show where they wore black arm bands in memoriam for the demise of the PLC. A few years later I joined Control Engineering magazine and had many interviews.

They have always had an edge and a sense of humor. And, they were always looking on the margins for competitive advantage. For years, Benson Hougland was the only technical marketing person with whom I could talk IT and OT.

Their new groov product, along with partnerships with Inductive Automation (Ignition software) and Cirrus Link (MQTT), has offered a proven solution for many automation challenges in industrial and other markets.

Well, Opto 22 is 50 years old! I’m reprinting some thoughts from CEO Mark Engman posted on Apr 3, 2024.

You can count on high-quality Opto products and continued support for all your automation and IIoT applications.

I have a hard time believing it’s been 50 years since my dad and mom started Opto 22. My dad, Bob Engman, was an engineer who helped develop a better way to manufacture solid state relays. 

SSRs had just been invented in the early 1970s, and the improvement was to pot SSRs with epoxy to protect the electronics from shock, vibration, and environmental contaminants. When Opto 22 began in 1974, our first products were, you guessed it, twenty-two SSR models manufactured by the new method.

It’s all about quality

Dad was always focused on quality. He made sure every single SSR we built was tested—twice—to make sure it would function to specs once you installed it in the field. That dedication to quality is still a hallmark of the company. That’s why we don’t do batch testing. We still double-test every single SSR and I/O module we manufacture.

That’s also one of the reasons our factory is not overseas, but attached to our company headquarters in California. It’s easy for our engineers and factory team to work closely together to design and build products that are high quality. That’s why we can afford to guarantee our SSRs and I/O modules for life. And you’ve told us how much you appreciate that.

50 years’ worth of change

Industrial automation is a complex field that’s changed over and over again during the last five decades. Just think: when we started, the personal computer had barely been invented and factories were just beginning to automate production lines. As a manufacturer of automation equipment, we’ve had to look forward and adjust again and again to new technologies, new bus standards, new protocols, new communication methods—and new competitors in our field.

So it’s pretty exciting to say we’re still here, 50 years later, still supporting your legacy products and building new products that meet your needs today—needs no one could have imagined when we began.

It’s our people who got us here

I believe the main reason the company has been successful for so long is our people. My dad worked in a corporate environment and didn’t like the results of all those layers: delays, lost ideas, employees who felt powerless and unappreciated. 

So when he started Opto 22, he cut the layers and created a flat organizational style. We hire good people, get them started, and then let them do their jobs. And unlike most tech companies, we don’t lay people off the minute there’s a downturn in the industry. We don’t overhire, and we keep our people because we know their value.

The result is a loyal, experienced staff who produce higher quality products and give better service to our customers in design, manufacturing, and support. They work together to build success for all of us, with very little of the internal politics you typically find in a corporation. The average tenure of our factory workers is 26 years, and of our engineering and support staff, 24 years. People are happy to work here, and it shows.  

Engineers in charge

In addition to our focus on quality and our people, I think it’s the business approach of the company that makes Opto 22 a long-term player in the industrial automation field. 

Opto 22 has always been run by engineers who get excited about new tech. We want to play with it, see where it takes us, build products that use it.

Because we’re engineers ourselves, we know what you deal with, day by day. We know budget restraints as well as technical ones, and everything from wiring to the frustration of systems that don’t talk with each other.

Our company’s flat structure encourages new ideas instead of squashing them in corporate layers. We can engineer new products quickly and bring them to you.

Open standards make the most sense when you’re trying to build systems and interconnect devices and software. So we’ve always helped establish open standards for the industry, like OPC and Ethernet. 

We design new products for the long term and continue to support the legacy products you’ve had for years, offering upgrade paths to newer solutions. 

So what does that mean in practice? It means you can count on Opto 22 to introduce new ideas that expand your options and make your job easier—ideas like programmable automation controllers (PACs), which are a hybrid of the earlier PLCs and PC-based control. We introduced the PAC concept way back in 1990 and then expanded on it in the mid-2000s with our SNAP PAC System, still sold, supported, and used worldwide.

And today the edge technologies in our groov products expand your options again. With groov EPIC (2018) for edge control and groov RIO (2020) for edge I/O, you can meet the new demands you’re seeing for data and connectivity. groov industrial construction, CPU power and memory, easier networking and cybersecurity, OT and IT protocols, built-in software, and web-based management are leading the way to effective new industrial automation architectures and digital transformation for better business decisions.

Helpful (real) people

One of the things new customers are surprised about is that when you call or chat with Opto 22, you talk to a real person. We think your projects and applications are fun to work on, so personal customer service from free Pre-Sales Engineering to free Product Support is a big part of what we do. All support comes from knowledgeable engineers here in California.

That extends worldwide, too. Our partners in the U.S. and other countries are capable distributors and integrators you can count on to handle sales, service, and training for all our products.  

Thank you

As we celebrate our 50th anniversary, I want to thank all of you, our customers, integrators, and distributors, for everything you do: using our products, telling us what works—and what doesn’t—and sharing your ideas for features you need. With your help we’ve taken this 50-year journey from highly reliable SSRs to state-of-the-art Edge Programmable Industrial Controllers. 

What will the next five decades bring? 
