Data protection issues in air-gapped factory-floor environments

The downtime costs for highly automated factory-floor environments are some of the world’s highest, estimated at anywhere from $1 million to $10 million per hour, and up. So it should be no surprise that many manufacturing enterprises seek to eliminate the possibility of a network-borne cyberattack by air gapping their factory-floor IT and operational technology (OT) systems, i.e., disconnecting them from the corporate network, the public internet, and any other potentially untrusted network belonging to a partner or supplier.

Above is one reliable way to reduce the attack surface of factory floor systems that demand extremely low downtime for the business to remain profitable and avoid costly supply-chain disruptions. For example, without a network connection, it’s much harder for a ransomware gang to get its malware onto a system so it can steal sensitive data, encrypt critical applications and demand a hefty extortion fee to get a business back online.

However, that protection against cyberthreats comes at a cost. Air-gapped networks present several challenges to basic IT operations:

Without the ability to establish a virtual network connection into the factory floor, centralized IT operations staff cannot remotely download software patches to close security vulnerabilities, updates to IT, OT and industrial control system (ICS) firmware and updates to operating systems, applications and other tech infrastructure like networking devices.

These patches and updates must be transferred manually, e.g., via physical media like USB drives, that’s a time-consuming and error-prone process. If the update creates any problems, e.g., an application stops working or loses functionality because of an OS patch, the rollback process to the preupdate version can be difficult and slow.

Without the benefit of a network, the collection and analysis of production data generated by OT and ICS for reporting, diagnostics and decision making must also be transferred using slow, unreliable transfer via portable storage media.

Even without the use of external network connections, the threat of a potential cyberattack still exists. For example, USB drives and other physical media may be compromised with the inclusion of malware like ransomware and keyloggers. For example, the historic Stuxnet advanced persistent threat attack made its initial incursion into a secure manufacturing facility when attackers dropped malware-infected USB drives in the employee parking lot, which unwitting staffers happily collected and then used inside the secure, air-gapped perimeter with disastrous results.

Without access via an external network connection, centralized IT staff cannot implement automated monitoring and alerts to detect and identify problems in real time. IT operations and cybersecurity tools commonly used to remotely diagnose and fix issues cannot cross the air-gap perimeter. This can hamper IT’s ability to share information and coordinate responses with other company department and external vendors.

Without the ability to use remote operations and security tools, IT staffers may have to physically travel to the site to solve problems, incurring extremely high downtime costs in the meantime. This may be exacerbated by the remoteness of many manufacturing facilities, e.g., offshore oil rigs, desert-based refineries, mining facilities in mountainous regions, etc.

Without the benefit of remote network connections and automated central monitoring systems, the collection of data for auditing and regulatory compliance issues may have to be done manually, a slower and more error-prone process.

Air gapping prevents IT, OT and ICS infrastructure from being integrated with modern IoT devices and cloud-based services.

Backup processes to ensure the ability to restore systems quickly from data loss for any reason, e.g., a hard drive failure or operator error, can be more cumbersome and unreliable in air-gapped environments. Disaster recovery implementation and testing is likewise more difficult, potentially leading to longer recovery times.

Managing and maintaining air-gapped environments requires specialized skills and training. Most factory floor environments have skilled OT engineers on-site, but not IT staffers.

Acronis has a long history of providing data protection solutions to manufacturing enterprises with air-gapped factory-floor environments. In fact, Acronis Cyber Protect is frequently used by leading automation vendors, including ABB and Rockwell Automation, as their default backup solution. Acronis addresses the challenges of these unique environments, minimizing their painfully expensive downtime costs with the following capabilities:

Acronis use of image-based backup technology enables the protection a very broad range of Windows, Linux and virtual OSes used in OT and ICS environments, including many ancient versions of these OSes that have long been unsupported by their vendors, and thus are no longer supported by other backup vendors. This is important in environments where the stability of the IT interaction with OT and ICS is critical, so the computer environment is never upgraded even after ten or fifteen years in service.

Acronis quickly restores failed IT systems in OT / ICS environments to a matter of minutes in several ways. One, its One-Click Recovery feature, enables non-IT professionals (including OT engineers) to initiate the restoral of a failed computer with push-button simplicity. Two, high-performance restoral features like Instant Recovery minimize the time it takes to get critical IT systems running again after a failure, e.g., by enabling the failed system to run as a virtual machine within a matter of seconds while the recovery process to a physical machine is underway.

Acronis allows the creation of a “digital twin” of any IT system — a backup copy running on a VM — that can be used to test the functionality and performance of software patches and other updates before they are applied to production machines. This same VM capability can be used to quickly roll back any updated IT systems to their previous version in the event of any unforeseen problems with the patch or new software version.

Acronis can safely report on the protection status of factory-floor computers associated with OT and ICS to centralized IT staff via outbound-only file transfers.

Learn more about how Acronis helps manufacturers avoid costly downtime by protecting the computers associated with their factory-floor OT and ICS:

• Webinar replay: Reliable backup and recovery for manufacturing environments — Watch the replay of a virtual conference that demonstrates the Acronis data protection solution for factory floor environments  
• Infographic: Maintaining OT uptime with One-Click Recovery — Get a graphical overview of how Acronis One-Click Recovery helps non-IT personnel quickly restore computers in OT and ICS environments without IT staff intervention.
  

• White paper: Preserving OT uptime in highly automated factory floor environments — Take a deeper dive on the issues around preserving the uptime of OT systems in highly automated factory floor environments.

• Case study: ABB chooses Acronis Cyber Protect to ensure maximum security for its customers’ facilities — Learn how a leading global automation vendor uses Acronis to protect its manufacturing customers.

• Case study: Tata Steel Downstream Product Limited modernized its backup with Acronis Cyber Protect — Read about how a major steel manufacturer has improved its data protection regimen with Acronis.

• Case study: Toyota Motor Manufacturing France drives productivity with easy-to-use Acronis Cyber Protect — Learn how a leading automobile manufacturer has improved its data protection regimen with Acronis.