Securing legacy OT systems without disrupting operations


Manufacturers have become major targets for cyberattacks in recent years, largely due to the vulnerability of operational technology (OT) systems that run on outdated platforms and are not protected with the same cybersecurity and data protection measures as IT systems.

A 2024 report by Statista revealed that more than a quarter of global cyberattacks in 2023 targeted manufacturers, the largest percentage of any field. OT and industrial control systems (ICS) absolutely cannot go down. Any downtime can cost a manufacturer severely.

But OT systems often run on platforms that the rest of the computing world has left behind. For instance, Windows XP, frequently found in OT environments, is nearly a quarter century old; Microsoft placed it in end-of-support and stopped issuing bug fixes and security patches for it in 2009. Operating systems that old usually can’t run modern cybersecurity software.


IT moves in on OT’s territory

IT departments regularly update security software and apply vendor-supplied patches to applications so as to close known vulnerabilities, often using scheduled downtime. Many embrace IT as a service, effectively outsourcing their IT operations to a managed service provider (MSP).

OT managers can’t do any of that, at least not easily. That’s why, in many manufacturing organizations, OT and IT still run separately. OT systems are commonly “air gapped” — disallowing connections to external networks, including the enterprise intranet — so that a successful cyberattack on IT won’t affect OT and halt production systems.

However, that practice is changing as organizations seek to exploit the advantages of Manufacturing 4.0 (a.k.a. Industry 4.0). This digital transformation model more closely integrates IT and OT and enables more connections to external networks in order to take advantage of new technologies like the Industrial Internet of Things (IIoT) and cloud-based analytics of data collected by OT sensors.

In recent years, a growing number of chief information security officers (CISOs), who once dealt exclusively with IT, have begun to assume responsibility for securing OT operations as well. In one survey, 95% of respondents said CISOs would be involved in OT cybersecurity decision making, up from 88% the year before.  

IT and OT are integrated but not the same

The problem is that IT and OT aren’t the same and don’t use the same processes or technologies. Manufacturers can plan more downtime for IT systems than they can for OT systems, which are essential for meeting production quotas.

The high cost of OT downtime makes securing OT systems a major challenge. Security updates and maintenance for OT can be difficult to execute because they usually require more downtime than most manufacturers can afford. In a 2024 survey by Statista, manufacturing executives said mandatory uptime was the biggest hurdle to reducing cyberattacks on control systems.

There are other major challenges. Aging OT infrastructure is difficult and sometimes impossible to update. In many cases, vendors long ago stopped producing updates for applications and platforms that are still at the heart of OT manufacturing systems.

Upgrading manufacturing environments to newer technology runs the risk of breaking or crimping the functionality of OT software, so manufacturers avoid hardware and OS updates in the interest of stability. Often, software goes unpatched and isn’t adequately protected.

Beyond that, OT locations (manufacturing plants, oil refineries, power plants, mining operations, etc.) cannot justify full-time IT staff on-site, yet dispatching IT personnel to them in the event of an OT system outage is costly and time-consuming.

How manufacturers can secure legacy OT systems

The dilemma is difficult but not impossible to solve. There are best practices manufacturers can adopt to safeguard OT systems.

Network segmentation

For starters, network segmentation can be deployed to limit access to critical assets. By isolating sensitive OT systems, businesses can reduce the risk of unauthorized access and lateral movement of threats from IT to OT. Segmentation doesn’t necessarily break the integration of IT and OT, but it does enable managers to more effectively control it.
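The following added example (not from the original article or from Acronis) shows how a segmentation policy can be checked against flow records, so that the IT/OT integration stays limited to approved conduits. The zone subnets, the conduit allowlist and the sample flows are constructed assumptions; substitute the plant's own values.

```python
import ipaddress

# Constructed zone map (assumption): replace with the plant's real subnets.
ZONES = {
    "IT": ipaddress.ip_network("10.10.0.0/16"),
    "DMZ": ipaddress.ip_network("10.20.0.0/24"),
    "OT": ipaddress.ip_network("10.30.0.0/16"),
}

# Allowed conduits (assumption): (source zone, destination zone, TCP port).
# IT never reaches OT directly; everything is brokered through the DMZ.
CONDUITS = {
    ("IT", "DMZ", 443),   # IT users read the historian replica
    ("OT", "DMZ", 443),   # OT historian pushes data outward
    ("DMZ", "OT", 3389),  # jump host to an engineering workstation
}

def zone_of(addr):
    """Map an IP address to its zone name, or EXTERNAL if unknown."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "EXTERNAL"

def audit_flows(lines):
    """Return flows that cross the OT boundary outside an approved conduit."""
    findings = []
    for line in lines:
        src, dst, port = line.strip().split(",")
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz or "OT" not in (sz, dz):
            continue  # only traffic entering or leaving OT is in scope
        if (sz, dz, int(port)) not in CONDUITS:
            findings.append((src, dst, int(port), f"{sz}->{dz}"))
    return findings

# Constructed flow records: "source,destination,destination port".
SAMPLE_FLOWS = [
    "10.10.4.23,10.20.0.5,443",    # IT -> DMZ, does not touch OT
    "10.30.1.10,10.20.0.5,443",    # OT -> DMZ, approved conduit
    "10.20.0.8,10.30.1.20,3389",   # DMZ -> OT, approved conduit
    "10.10.4.23,10.30.1.20,445",   # IT -> OT directly: violation
    "10.30.1.10,203.0.113.7,53",   # OT -> outside address: violation
    "10.30.1.10,10.30.1.20,502",   # inside OT, out of scope
]

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print("VIOLATION", finding)
```

Run against exported firewall or NetFlow records, a check like this surfaces direct IT-to-OT paths and unexpected outbound connections from OT hosts before they are relied on by an intruder.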

Multifactor authentication

Enforcing multifactor authentication (MFA) for all user accounts adds an extra layer of security by requiring more than one method of authentication to verify the user's identity. MFA makes it much harder for unauthorized users to gain access to systems.

Zero trust security

The zero trust security model is gaining traction in OT environments. Zero trust assumes that no user or device is inherently trustworthy. Every attempt to access an OT system has to pass a security check. Continuous verification and authentication significantly enhance security, especially as IT and OT convergence opens up more attack vectors into OT systems.

AI-driven threat monitoring

Some modern technologies can play a role in securing legacy systems. For example, AI-driven monitoring continuously analyzes system behavior and identifies anomalies. It can then take steps to stop or significantly mitigate damage from cyberattacks.

Reliable backup and rapid recovery

Perhaps most importantly, OT systems managers need to be able to recover information quickly after an incident and get operations up and running again as rapidly as possible. Effective backup and recovery are absolutely essential.

Acronis Cyber Protect enables manufacturers to secure legacy OT environments

Acronis Cyber Protect for Operational Technology delivers capabilities that enable organizations to ensure manufacturing uptime. The solution delivers cybersecurity essentials, including MFA and threat monitoring with AI.

The bottom line is that Acronis Cyber Protect delivers an IT level of data protection for OT systems without the downtime associated with IT security. It can protect OT environments whether they are integrated with IT or air gapped.

Some key features for OT environments include:

Universal Restore: This feature enables manufacturers to back up and recover systems, even if they’re running older, unsupported operating systems. With Universal Restore, manufacturers can restore legacy applications to new hardware with the necessary drivers installed. The result is a massive reduction in downtime.

One-Click Recovery: This unique feature enables local non-IT staff to quickly restore OT systems that have failed or been compromised by malware. Again, manufacturers can reduce downtime and associated costs and get production systems back up and running quickly after an incident.

Backup without downtime: This capability is critical. Acronis Cyber Protect conducts backups without taking an OT system offline or rebooting it. As such, critical security processes do not disrupt production. This feature addresses the essential dilemma of balancing data protection with uptime. With Acronis Cyber Protect, manufacturers can have both.

Legacy OT systems aren’t going away, and they don’t have to

Manufacturers will likely run legacy OT systems for years to come. Securing them requires specialized strategies to maintain operational integrity while minimizing the risk of downtime and cyberthreats. By implementing some best practices and embracing the OT-specific capabilities in Acronis Cyber Protect, manufacturers can effectively protect their critical infrastructure and ensure continuous operations.


About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 21,000 service providers to protect over 750,000 businesses.