Siemens offers a portfolio of CNC programs and integrates these with the Mindsphere open IIoT operating system, a Cloud-based platform of customizable services for digitalized machine shops.

4 Cybersecurity Vulnerabilities for Machine Shops

April 17, 2019
Once you realize your operation may be targeted, you’ll recognize various improvements you can make to minimize the threats

The Industrial Internet of Things (IIoT) could help small-to-medium-sized machine shops maintain higher levels of productivity than was possible without that connected technology. However, as these entities invest in advanced networking and high-tech equipment, they also must remain aware of cybersecurity threats. Here are four frequent risks that deserve attention.

1. Unsecured CNC machines — CNC machine tools allow operators to automate steps of their processes, such as cutting materials. They equip enterprises to maintain steady workflows, but a lack of security for any of those CNC tools could be disastrous. Analysts indicate there are various ways that hackers could wreak havoc with the programs after gaining access to a network and start digging through the information available in an unsecured machine.

For example, a hacker could manipulate a machine's programming to make it create defective parts. Then, if the machine shop operator does not notice the problem in time, those parts could enter the market and create danger for the people or companies using them.

Or, a malicious hacker might want to infiltrate a CNC machine tool to gain a competitive advantage by stealing confidential, proprietary information.

Machine shops can lock down their CNC tools by installing strong firewalls, as well as authentication tools that grant or deny access to the network based on user privileges. It's also crucial to keep operating systems and software updated because both of these are vulnerable to cybercriminal attack if left out of date. Flaws in an operating system or software version could help hackers get into a system that seems secure.

2. Data smuggling — People know that contraband or counterfeit goods are smuggled, but they may not consider the prospect off the same thing happening with a business’s proprietary information. A 2018 report by Vectra offered an overview of the most prominent cybersecurity threats against manufacturing organizations. It showed that data smuggling was the most common kind of "data exfiltration."

More specifically, data smuggling happens when a hacker on the outside uses an internal host device to grab data from at least one server and transfer a large amount of it to an external destination. Vectra's research examined exfiltration tactics occurring from January through June 2018 and revealed that data smuggling was the most common exfiltration method that threatens manufacturing companies. Hackers pull off this kind of attack by remotely accessing the target servers.

That's why machine shops should monitor their networks continually and check for strange characteristics that warrant an investigation. Outside of the machine shop sector specifically, cybersecurity experts know that hackers used popular video-sharing sites to smuggle data.

They would steal sensitive corporate data, then compress and encrypt it, and finally, embed the carefully prepared content into video files. The hackers uploaded those videos to the site and downloaded them to extract and reassemble the data for further use. All the videos came from individual users and were identical in size. Those characteristics caused people monitoring the network to realize that something was "wrong."

This is just one way that hackers can smuggle data from a machine shop, but it reinforces why it's so necessary to check for unusual network traffic. If something doesn't seem right, don't dismiss it. Dig deeper to see what's going on, to avoid getting blindsided.

3. Poorly managed (or non-encrypted) passwords — If your machine shop uses the same password for multiple logins or implements passwords that are easy to guess — such as "12345", or "password" — the likelihood increases substantially that if a hacker gains access, they'll do tremendous damage. However, research shows the main issue for manufacturers is not that passwords are too easy to guess — it's the lack of encryption.

A 2019 study by CyberX looked at the main issues faced by companies depending on the IIoT and industrial control systems (ICS). It showed that the associated equipment used plain-text passwords 69 percent of the time. That means encryption only occurred in 31 percent of cases.

Hackers often perform reconnaissance to see which networks or machines would be the easiest to infiltrate. Then, they use that information to plan when and how to attack. You can use tools to encrypt passwords so that even if hackers get access to them, they don't automatically have access to protected data. Also, if you use a password-management platform, it should have an encryption mechanism built into it.

4. No top-down commitment to cybersecurity — Using strategies to keep hackers out is one thing, but you cannot overlook training staff to recognize the signs of a potential attack attempt. If you haven't considered mandating this kind of training for the people who work in your machine shop, you're not alone. Statistics showed that only 34 percent of those polled in the manufacturing sector thought core staff members took cybersecurity seriously in their day-to-day work.

Moreover, that same study highlighted how a mere 31 percent of organizations said their directors or top managers showed a very high commitment to cybersecurity. When the people in the most senior positions of authority within a machine shop do not seem to care about cybersecurity, the people in lesser roles likely won't care either.

One positive sign is that a growing number of manufacturing organizations understand that now is the time to ramp up their investments in cybersecurity training. However, there's a long way to go. Regardless of their respective roles, the employees of machine shops need to be educated about how quickly cyberattacks can shut down operations if they are not mitigated.

Also, in many cases, hackers don't initially try to compromise particular machines. Instead, they will do something that will not seem suspicious to most people, such as sending phishing emails to try to get log-in information, or something that could act as a gateway to wider access.

You may be under the impression that because your machine shop is not a particularly large establishment, hackers will not target it. Reconsider that, because cybercriminals want to cause chaos wherever they can, their careless attitudes toward cybersecurity could make your shop a prime target for hacking.

Getting your organizational leaders to prioritize cybersecurity is the first step. From there, you should plan ongoing cybersecurity training sessions for every team member.

Awareness stimulates changes — This list may have made you realize your machine shop has various improvements to make to protect against cybersecurity threats.

Don't forget that the first step to making those enhancements is to become aware of what to fix. If what you've read here reminded you of some known issues, think about undergoing a cybersecurity audit to understand how to address other weak points and safeguard your facility.
Kayla Matthews writes about the IoT, IIoT, automation and smart technologies for publications like InformationWeek,, Robotiq others. Recently, she describe 6 Robotics Trends Taking Over Manufacturing. To read more from Kayla, follow her personal tech blog, Productivity Bytes.