Are you prepared for OT security?

In today's connected world, with the Industrial Internet of Things and increased adoption of industry 4.0, businesses must deal with more and more connected devices. Security is key to success here and should not be ignored, says Tim Ricketts, Director of M.A.C. Solutions.

Historically there has been a convergence between IT (Information Technology) and OT (Operational Technology). There is now a real need for data from the plant floor to the top floor business systems. To date, this has been achieved by connecting firewalls to control the traffic flow and allowing production data to be made available for business information needs. However, if you have a misconfigured firewall, your OT network is at risk from the Internet, as PLCs and automation equipment will be exposed to external infiltration.

Imagine the following scenario. A person is updating a control system; the media is stored on a USB memory device, but the USB memory device has been infected because that person used the device at home the previous evening, which does not have a current active anti-virus. The payload has now been installed as part of a file transfer and has become "˜active'. The malware is now distributing itself through the network PCs and is trying to phone home. Eventually, the malware discovers an open port on the firewall and is able to phone home and deliver a RAT (Remote Access Trojan). This provides a backdoor for remote access by a third party. Before you're even aware of it, your OT system is infected with a Ransomware demanding £250,000 in bit coins to provide the keys: no real skills were involved here, just human error.

This is just one fairly simple scenario. A more sinister scenario could be that once the payload has been delivered, you're now under attack in a very stealth way, your control traffic is being decoded, protocols and devices are being discovered as the attackers are now learning your network, devices and control philosophy ready to launch an attack. This can take months of preparation and finally an attack is launched to disrupt the operation, modify recipes of pharmaceutical batches for blackmail exploitation, turn off the lights or stop the production. During this process, PLC code (data words in data blocks) may have been modified, all under the radar.

MAC Solutions has looked at a couple of OT Cyber attack scenarios. You may be asking yourself what can we do as a business to help mitigate these real threats. MAC Solutions has been working in OT since its inception in 1996 and is a technology vendor and trusted advisor to many European and UK companies. Over the past few years our clients have recognised that they can no longer say that their systems are protected because they are "˜air gapped' and therefore are immune to cyber attacks.

If the above security threats are broken down, we can begin to see which solutions can be provided by MAC Solutions:


  • USB memory devices can be controlled by preventing the endpoint computer accepting a device unless it has been scanned and verified first
  • PLC code changes can be protected by daily comparisons and by reporting on any unauthorised changes
  • Traffic scanning and ingress protection can be identified by Intrusion Detection Systems that are specifically designed for OT network traffic
  • Inter-communications between endpoint devices can be encrypted at wire speed to prevent control traffic being interpreted and a "˜Man in the Middle' attack launched
  • Firewalls to be replaced with unidirectional gateways, so data can be mirrored between OT and IT, traffic only flows in one direction at the speed of light using data diode technology

MAC Solutions is building a comprehensive portfolio of products to assist in the war against cyber criminals. For more information on how they can assist you, or if you have any queries relating to this article, please visit

M.A.C. Solutions (UK) Ltd

Unit 6-7 Kingfisher Business Park
Arthur Street
B98 8LG

+44 (0)1527 529774

More technical articles
1 day ago
Phoenix Contact celebrates its 100th anniversary
Phoenix Contact is celebrating a century full of passion for technology and innovation. In the past 100 years, the family-run company Phoenix Contact has evolved from a commercial agency for industrial products into a global manufacturing company.
1 day ago
Igus reveals its secret to keeping manufacturers stocked and ready
Buyers of common cables, who would typically assemble their own cable sub-assemblies, are now ordering Igus e-chains and ready-to-connect cables due to Igus’ ability to deliver quickly.
1 day ago
Thorite enhances systems expertise with new appointments
Compressed air and fluid power specialist Thorite has made two new appointments to develop its specialist support in electric automation and systems building.
1 day ago
Piab Group acquires IB Verfahrens- und Anlagentechnik and Coval
Piab Group has boosted its capabilities in vacuum conveying and in robotics with the acquisitions of Coval and IB Verfahrens- und Anlagentechnik.
2 days ago
Latest Norgren acquisition sees customers access enhanced electric motion soluti
Continuing a strategic commitment to offer the widest customer choice, Norgren’s extensive range of electric motion solutions has been further enhanced with the introduction of a new portfolio of linear and multi axis systems.
5 days ago
RS unveils Better World product range of sustainable products
RS Group, a global omni-channel provider of industrial product and service solutions, has announced the launch of its Better World product range.
5 days ago
Sumo processing system offers big benefits thanks to Yaskawa robot
A new robotic handling system based on the MOTOMAN GP7 robot from Yaskawa has proved to be very successful on an automatic grinding machine for a major German pump manufacturer which specialises in supplying customised pumps for automotive engineering applications.
1 week ago
Schaeffler destroys ten tonnes of counterfeit rolling bearings
Schaeffler takes regular and consistent action against counterfeit products, and now it has had around 30,000 counterfeits with a total weight of ten tonnes destroyed in Schweinfurt.
1 week ago
Klüber Lubrication awarded with gold medal for sustainability again in 2023
Klüber Lubrication was awarded the ‘gold medal’ by EcoVadis, a leading company for sustainability ratings, for the second time after 2022. This makes the lubricant manufacturer one of the best four percent of more than 100,000 companies rated worldwide.
1 week ago
Festo highlights the benefits of standardised hardware
Festo says its standardised hardware and the ability to work with the industry leading control architectures makes its stepper and servo drives, remote I/O and valve terminals a natural choice for machine manufacturers and end-users.

Login / Sign up