TXOne Networks
Canvas Category Software : Operational Technology : Cybersecurity
Never trust, always verify. TXOne safeguards your OT operation with OT-native solutions, protecting assets for their entire life cycle.
Assembly Line
OPC-UA Cyber Threats Explained: Specifications Vulnerabilities and MITM Risks
Recent research into the cybersecurity of OPC UA in industrial control systems has revealed shocking vulnerabilities, highlighting an urgent need to strengthen security measures. Many systems utilizing OPC UA are vulnerable, primarily due to flawed implementations of security features such as certificate validation and inadequate Trust List management, issues that persist even among products from leading brands. Numerous products lack essential security features, such as Trust Lists, or have unsafe default configurations. This indicates a significant underestimation of network security threats in industrial control systems, especially those associated with OPC UA.
Mitsubishi Electric and TXOne Networks to Cooperate in Mutual Expansion of OT Security Businesses
Mitsubishi Electric Corporation and TXOne Networks Inc. announced today that they have signed a long-term cooperation agreement covering technology development and marketing, aiming at expanding the operational-technology (OT) security businesses of both companies.
OT and industrial control systems in manufacturing sites are often operated in closed environments, with IT and OT systems separated from each other. However, the emergence of the Internet of Things (IoT) and digital transformation (DX) is enabling convergence between these two domains. As a result, cyberattacks targeting manufacturing sites in industries such as semiconductors and automobiles have increased, leading to production disruptions and highlighting the growing need for more robust security measures in factories.
Through their new collaboration, the two companies aim to create innovative new value in OT security by combining Mitsubishi Electricโs assessment, maintenance and operation services as well as control equipment and systems with TXOneโs OT security products. The new OT security solutions are expected to improve manufacturing productivity, efficiency and safety as well as security levels throughout the supply chains of various industries.
TXOne Networks Secures Semiconductor Manufacturing OT With CASwell Network Security Appliances
Protecting against OT cyber-attacks can be costly and challenging, especially for industries like semiconductor manufacturing facilities. Traditional IT tools come up short due to the heterogenous compute nature of an OT environment. Complex environments such as semiconductor fabs have a much larger attack surfaces making it even more difficult to provide effective cybersecurity protection.
TXOne Networks has tackled this challenge with a network-based defense system that features IPS, antivirus, virtual patching and other security and management functionality designed to protect the OT environment and to allow security managers to have visibility into the system. Powered by CASwell network security appliances based on Intel processors with network security performance and features, the systems offer the features and throughput to ensure proper security screening at wire speeds.
๐๐ In-Depth Analysis of Cyber Threats to Automotive Factories
We found that Ransomware-as-a-Service (RaaS) operations, such as Conti and LockBit, are active in the automotive industry. These are characterized by stealing confidential data from within the target organization before encrypting their systems, forcing automakers to face threats of halted factory operations and public exposure of intellectual property (IP). For example, Continental (a major automotive parts manufacturer) was attacked in August, with some IT systems accessed. They immediately took response measures, restoring normal operations and cooperating with external cybersecurity experts to investigate the incident. However, in November, LockBit took to its data leak website and claimed to have 40TB of Continentalโs data, offering to return the data for a ransom of $40 million.
Previous studies on automotive factories mainly focus on the general issues in the OT/ICS environment, such as difficulty in executing security updates, knowledge gaps among OT personnel regarding security, and weak vulnerability management. In light of this, TXOne Networks has conducted a detailed analysis of common automotive factory digital transformation applications to explain how attackers can gain initial access and link different threats together into a multi-pronged attack to cause significant damage to automotive factories.
In the study of industrial robots, controllers sometimes enable universal remote connection services (such as FTP or Web) or APIs defined by the manufacturer to provide operators with convenient robot operation through the Control Station. However, we found that most robot controllers do not enable any authentication mechanism by default and cannot even use it. This allows attackers lurking in the factory to directly execute any operation on robots through tools released by robot manufacturers. In the case of Digital Twin applications, attackers lurking in the factory can also use vulnerabilities in simulation devices to execute malicious code attacks on their models. When a Digital Twinโs model is attacked, it means that the generated simulation environment cannot maintain congruency with the physical environment. This entails that, after the model is tampered with, there may not necessarily be obvious malicious behavior which is a serious problem because of how long this can go unchecked and unfixed. This makes it easy for engineers to continue using the damaged Digital Twin in unknown circumstances, leading to inaccurate research and development or incorrect decisions made by the factory based on false information, which can result in greater financial losses than ransomware attacks.
๐ Digital Twins: The Benefits and Challenges of Revolutionary Technology in Automotive Industries
With the advent of Industry 4.0, an increasing number of organizations have implemented digital twin technology to optimize their performance, enhance their educational initiatives, or facilitate advanced maintenance. Even the automotive industry has readily embraced this transformational technology. However, organizations must acknowledge that the adoption of digital twin technology may simultaneously expose them to potential cyber threats. Thus, securing digital twins within an organization should be viewed as an essential priority, on par with their implementation.
One of the challenges of implementing digital twin technology is maintaining consistency between the physical and virtual twins. In the case of a model corruption attack, it can be difficult to detect the issue, as developers may not notice the problem until they inspect the repository or run jobs on an infected digital twin. Running an infected digital twin not only leads to inconsistencies, but it can also compromise the CPS, as the malicious code sent by the infected twin may cause additional harm.
๐๐ฆพ Anatomy of Robots: Cybersecurity in the Modern Factory
In highly networked modern factories and complex robotsโ operating modes, attackers have the opportunity to use more diverse methods to carry out cyberattacks on robots, particularly in the case of manufacturers who do not take product cybersecurity issues seriously. This complacency creates opportunities for attackers that break into a factory to easily compromise these devices. When robots are successfully attacked, in addition to directly causing the factory to halt the manufacture of products, this tampering will also affect the safety of peopleโs lives due to the nature of close cooperation between co-bots and humans. With this in mind, using past and current robotics cybersecurity literature and research as reference, we will analyze the following potential attack scenarios for robots.