Why Security Measures Are Attracting Attention in Factories and How to Proceed Specifically
Recently, with the “2025 Cliff” warned by the Ministry of Economy, Trade and Industry looming, factories are also promoting the IoTization of factories as part of DX measures.
Some security personnel who have implemented IoT may be concerned that security measures remain the same as before.
This article explains why factory security is attracting attention, the latest situation and examples of cyberattacks on factories, and how to proceed with specific security measures.
Let’s check to prevent cyberattacks from stopping production lines.
Table of Contents
- Why Factory Security Is Attracting Attention
- Latest Cyberattack Situation
- Examples of Cyberattacks in Factories
- How to Proceed with Security Measures and Implementation in Factories
- Step 1: Organizing Internal and External Requirements, Operations, and Protection Targets
- Step 2: Planning Security Measures
- Step 3: Executing Security Measures and Continuously Reviewing Plans, Measures, and Operational Systems
- Summary
1. Why Factory Security Is Attracting Attention
The reason why factory security is attracting attention is because the number of network connections to manufacturing line equipment is increasing with the increase in IoTization in factories. Cyberattacks target network vulnerabilities, so the more network connections increase, the higher the risk of cyberattacks.
With IoTization, it has become possible to check the operating status of manufacturing lines, production status, analysis/production simulators, etc. on company PCs more than before. In addition, cameras that analyze images of manufacturing lines may be independently connected to cloud services.
There is a risk that Wi-Fi, etc., which bundles the networks of each device, may have vulnerabilities and become a target of cyberattacks. For these reasons, factory security is attracting attention.
2. Latest Cyberattack Situation
The number of cyberattack-related communications observed in 2021 by NICTER, a cyberattack observation and analysis system announced by the Ministry of Internal Affairs and Communications, increased by 2.4 times compared to 2018 and 3.7 times compared to 2016.
Looking at the content of cyberattack-related communications in NICTER, cyberattacks targeting IoT devices are still the most common.
In addition, according to the National Police Agency’s “Regarding the Threat Situation Surrounding Cyberspace in 2021,” ransom-demanding ransomware damage accounted for 55 cases, or 36% of the total, with the manufacturing industry being the most affected out of 146 cases. Since 92% of companies that were affected in some way by ransomware have been affected, security measures are considered important.
References:
https://www.soumu.go.jp/johotsusintokei/whitepaper/ja/r04/html/nf307000.html
https://www.npa.go.jp/publications/statistics/cybersecurity/data/R03_cyber_jousei.pdf
3. Examples of Cyberattacks in Factories
Here are some examples of cyberattacks that have actually occurred in factories. Since there is an impact that stops not only your own company but also all manufacturing lines of your parent company, etc., let’s take this opportunity to review your company’s situation.
| Company | Kojima Press Industry |
|---|---|
| Cause | Vulnerability in remote connection equipment used by a subsidiary for dedicated communication with a specific external company |
| Example Details | Kojima Press Industry’s subsidiary had a vulnerability in remote connection equipment used for dedicated communication with a specific external company, which led to unauthorized access. The attacker intruded into the subsidiary’s network from the remote connection equipment and further intruded into Kojima Press Industry’s internal network. On February 26, 2022, after 20:00, traces of attacks on servers and PC terminals were discovered. This cyberattack was caused by “ransomware” that places access restrictions on systems and demands ransom, and data was encrypted on some servers and PC terminals. |
| Impact | Toyota’s 14 domestic factories and 28 lines were stopped |
| Recurrence Prevention Measures | With the support of external experts, we have strengthened the prevention of unauthorized access to networks, servers, and PC terminals, and expanded and strengthened monitoring. |
| Reference | System Failure Investigation Report (1st Report).pdf https://smbiz.asahi.com/article/14589378 |
4. How to Proceed with Security Measures and Implementation in Factories
Given the background described above, the Ministry of Economy, Trade and Industry formulated the “Cyber-Physical Security Measures Guidelines Ver. 1.0 for Factory Systems” in November 2022.
The guidelines show the way of thinking and how to proceed step by step when taking security measures. In this article, we will introduce how to proceed by excerpting the guidelines, so please use it as a reference for organizing the environment surrounding your company and for security measures.
4-1. Step 1: Organizing Internal and External Requirements, Operations, and Protection Targets
| Step | Overview |
|---|---|
| 1-1 | Organizing requirements necessary for security measure consideration/planning (Organizing management goals, etc. | Organizing external requirements | Understanding internal requirements/situations) |
| 1-2 | Organizing operations |
| 1-3 | Setting the importance of operations |
| 1-4 | Organizing protection targets |
| 1-5 | Setting the importance of protection targets |
| 1-6 | Organizing zones and linking zones with operations and protection targets |
| 1-7 | Organizing zones and the impact of security threats |
In Step 1, the current situation of internal and external requirements, operations, etc. is organized.
First, organize the current status of external requirements (security laws and regulations, standards, guideline compliance) and internal requirements (system aspects, operation/management aspects, maintenance/improvement aspects, etc.) and systems related to your company’s factory system security measures.
Next, identify how the factory system is used in daily operations and determine the importance of each operation. The importance of operations will be used as a basis for determining the importance/priority of security measures.
Next, identify the components of the factory system (networks, devices/equipment (functions/programs), data, etc.) that support/implement the operations for which security measures should be strengthened, and organize a schematic diagram of the system configuration.
From the perspective of business expansion/continuity (BC), safety assurance (S), quality assurance (Q), delivery compliance/delay prevention (D), and cost reduction (C), which are the value axes that the manufacturing industry/factory values, and from the perspective of the importance of operations, clarify the importance of each protection target that has been identified.
Factory systems set zones as areas where security measures of the same level are required, taking into account business content, business importance, etc., and link the operations and protection targets that have been organized so far.
4-2. Step 2: Planning Security Measures
| Step | Overview |
|---|---|
| 2-1 | Creating a security measure policy |
| 2-2 | Linking security measures to address expected threats (1) System configuration measures ① Security measures in networks ② Security measures in equipment ③ Security measures in business programs/use services (2) Physical measures ① Measures related to buildings ② Measures related to power/electrical equipment ③ Measures related to the environment (air conditioning, etc.) ④ Measures related to water supply equipment ⑤ Measures related to equipment ⑥ Measures related to physical access control |
In Step 2, let’s establish a security measure policy for the factory system based on the information collected and organized in Step 1.
First, set the importance and priority for the zones organized in Step 1, the operations and protection targets linked to them, and the expected threats, according to the environment in which the industry and individual companies are placed.
Link the zones, protection targets, operations, threats, impacts, and security measures that have been organized so far. It is important to plan and implement the necessary measures while considering the cost-effectiveness of the measures, etc., according to the environment in which the individual company and industry are placed.
4-3. Step 3: Executing Security Measures and Continuously Reviewing Plans, Measures, and Operational Systems
| Step | Overview |
|---|---|
| 3-1 | Measures in the life cycle Measures considering the supply chain (1) Measures in the life cycle ① Security measures in the operation/management phase A) Early recognition and response to cyberattacks (OODA process) B) Security measure management (ID/PW management, equipment setting changes, etc.) C) Information sharing ② Security measures in the maintenance/improvement phase ・Confirmation/evaluation of security measure status and effects, information gathering on environmental changes, review/update of measures ・Skill improvement of organizations/personnel (education, mock training, etc. (2) Supply chain measures ・Requesting security measures for business partners and suppliers, confirming the status of measures |
Finally, in Step 3, execute the security measures planned in Step 2 and implement measures in the life cycle and measures considering the supply chain.
The important point is that after Step 3, regularly review the measures and operations and rotate the PDCA cycle from 1 to 3 as necessary.
References: Cyber-Physical Security Measures Guidelines Ver. 1.0 for Factory Systems
References: Cyber-Physical Security Measures Guidelines Ver. 1.0 (Detailed) for Factory Systems
Summary
This article explained why security is attracting attention in factories, the latest cyberattack situation, actual examples, and specific ways to proceed with security measures in factories.
In factories, IoTization is progressing as one means of promoting DX, and security measures are attracting attention because various devices are connected to the network.
In recent years, cyberattacks in various industries have been increasing, and the manufacturing industry has the highest percentage, making security measures an important point.
The Ministry of Internal Affairs and Communications has also issued guidelines for security measures, which explain concrete ways of thinking and how to proceed step by step, making it practical.
Why not take this opportunity to review your company’s security situation?
Virus Protection Security Software “EXO Security”
Click here for EXO Security usage fees
Click here for EXO Security features
Please direct inquiries to globalsupport@jiran.com.
