Create a free Manufacturing.net account to continue

Manufacturing Needs an Upgrade

This shift is not just about quantum developments, but also the need for greater agility and backward-compatible cryptography.

Skip Sanzeri
Dec 5, 2023
Robot Programmer

The world has entered an era in which we must upgrade the cybersecurity we all use every day. Public Key Infrastructure, or PKI, was invented in the late 1970s and uses the same cryptographic format now as it did 50 years ago. The only significant difference is that we have increased key sizes to stay ahead of increased computing power.

Large commercial and federal organizations are keenly aware of the upgrade driven by the quantum computing threat, so they have begun researching and testing quantum-resilient solutions (also called Post-Quantum Cybersecurity or PQC). However, this global cryptography upgrade is not just about the quantum danger, but rather the need to move to agile, innovative (think AI), and backward-compatible cryptography. The manufacturing industry should start researching PQC as this critical infrastructure represents a prime target for cyberattack.

Quantum Computers

Quantum computers are slated to do amazing things for the manufacturing industry. These advanced and powerful quantum systems can more efficiently and effectively help with chemical discovery, product development, and process optimization.

However, well before quantum computers are online with enough power to create major efficiencies for the manufacturing industry, they will be weaponized to crack current encryption, and could be used to take control of networks and SCADA systems. The fact is that manufacturing (just like the rest of the world) uses standard encryption to protect its data and systems. Quantum computers, due to their processing characteristics using subatomic properties, can easily break this encryption once they have enough power. 

Recognizing the threat, in December the U.S. federal government passed a law forcing all federal agencies to upgrade to post quantum cryptography.

The reason quantum computing is threatening to our networks and data is a specific algorithm, Shor’s Algorithm. Today’s PQC encryption methods are mathematically proven to be resistant to Shor’s algorithm. Each encryption method uses a different protection method, so new encryption algorithms will be safe unless corresponding decryption methods are found.

This is a possibility, since quantum computing is a young field and there are still many algorithms to discover. If vulnerabilities are found in today’s PQC standard, cryptography would have to move to a new encryption algorithm. As manufacturing leadership considers how to begin the upgrade to stronger encryption, it is recommended that they start right away, as threat vectors are getting more powerful and broad-based (due to factors like AI).

What to do Next

Here are some steps that we can take to bolster our defenses:

  • Start with a cryptographic assessment to determine which cryptographic schemes are used, where they are located, and which ones are most vulnerable to AI and quantum attacks. This can help in identifying any weaknesses or vulnerabilities in these algorithms or deployments, leading to the development of more secure cryptographic techniques.
  • Think in terms of cryptographic agility. This means you have an effortless way to change cryptography if it is breached, or for any other reason. Cryptographic agility, powered by AI, could have the potential to stay one step ahead of attackers by shifting algorithms and keys so hackers see no consistent patterns. Given that there are multiple post-quantum algorithms being proposed and developed, AI can assist in determining which of these algorithms is best suited for a particular use case, based on factors such as security, performance, and available resources.
  • Switch to post quantum cryptography (PQC) wherever possible. You can learn more about this by going to the National Institute of standards and technology (NIST) website.
  • Deploy PQC across the entire network including servers, cloud, and edge. Think of phones, laptops, equipment behind the firewall, ITS/SCADA devices, cloud-based servers, and even satellites. For rapid scalable rely on PQC that can be deployed without installing anything on edge devices. This will make it much easier and quicker as there is no change to the endpoint or user experience.
  • Get smart about cybersecurity. AI can be used to manage and dynamically update security policies based on the threat landscape. Think of active defense and active attack mitigation to ensure that you are set for the future.

Latest in Cybersecurity
General Cyberattack
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
May 9, 2024
Logistics Management
Third-Party Intelligence Helps Expose Supply Chain Threats
May 9, 2024
Computer Crime Concept 516607038 2125x1416 (1)
Threat Report Shows Onslaught of DDoS Attacks
May 9, 2024
Ep94tn
Security Breach: The Hacks!
May 9, 2024
Related Stories
General Cyberattack
Cybersecurity
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
Logistics Management
Cybersecurity
Third-Party Intelligence Helps Expose Supply Chain Threats
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
Threat Report Shows Onslaught of DDoS Attacks
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
More in Cybersecurity
General Cyberattack
Cybersecurity
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
Most breaches involve a non-malicious human element, such as falling prey to a social engineering attack.
May 9, 2024
Logistics Management
Cybersecurity
Third-Party Intelligence Helps Expose Supply Chain Threats
The platform extension offers vendor-specific security posture data.
May 9, 2024
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
Threat Report Shows Onslaught of DDoS Attacks
Hacktivist groups are increasing attack frequency and raising their level of aggression.
May 9, 2024
Ep94tn
Video
Security Breach: The Hacks!
In this episode, we dive into some of the most notorious attacks to hit manufacturing over the last six months.
May 9, 2024
Cybersecurity
Software
New Siemens Software Automatically Identifies Vulnerable Production Assets
The cybersecurity SaaS will be available for purchase in July 2024.
May 8, 2024
Manufacturing
Industry 4.0
Tech Trends to Watch in Manufacturing
AI is at the forefront.
May 7, 2024
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
The two agencies are urging manufacturers to eliminate directory traversal vulnerabilities.
May 3, 2024
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
The fear is that larger RaaS groups are exercising greater control over their affiliates.
May 3, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
CISA Releases Latest ICS Advisories
Cisco, Siemens, Honeywell and Mitsubishi systems top the list.
May 3, 2024
Ep92tn
Cybersecurity
Security Breach: Predictions That Hit
A look back at Security Breach guest's most accurate and timely industrial cybersecurity predictions.
May 2, 2024
Andrew Witty, Chief Executive Officer of UnitedHealth Group, testifies at a Senate Finance Committee hearing examining cyber attacks on health care, and the Change Healthcare cyber attack, Wednesday, May 1, 2024, on Capitol Hill in Washington.
Cybersecurity
Change Healthcare Cyberattack Due to Lack of Multifactor Authentication
That's according to UnitedHealth CEO Andrew Witty.
May 1, 2024
I Stock 1311492607
Cybersecurity
ZAG Launches Cybersecurity Series for Food, Agriculture Sectors
Empowering agricultural businesses with the tools necessary to protect their digital infrastructure.
April 29, 2024
Ransomware
Cybersecurity
Report Identifies Hidden Costs, Challenges of Ransomware
Too many are paying, and the reasons range from understandable to infuriating.
April 25, 2024
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
A look at how this vital and increasingly targeted market sector is responding to more cyberattacks.
April 24, 2024