Tenable Blog

Securing Pharmaceutical Manufacturing Against Industrial Cyber Threats

With the rise of sophisticated cyberattacks, pharmaceutical companies must look beyond IT and secure the industrial control systems at the heart of their manufacturing processes.

Pharmaceutical companies are a primary target of cyberattacks. After all, formulas of new drugs are highly valuable. A breach of drug manufacturing systems can easily lead to a wide range of operational disruptions – including production downtime – and can result in ineffective or poisonous drugs, spillage of hazardous materials and other undesired outcomes. For the pharmaceutical industry, ensuring product quality is undoubtedly a fundamental concern.

At the heart of pharmaceutical manufacturing facilities lie the industrial control systems (ICS) which manage and automate drug manufacturing processes. They control production quality and ensure that chemicals and other substances are mixed, heated and cooled in strict accordance with each drug's specification. 

Because pharma products are manufactured using complex processes, there is growing business value in connecting operational technology (OT) and IT systems, and this is driving deeper integration between IT and operational networks. The efficiencies and cost savings that come from blurring the lines between IT and OT also bring a greater risk that external attackers can reach ICS through an IT network breach.

Any incident that compromises ICS – due to a sophisticated cyberattack or innocent human error – can have severe consequences. Months of revalidations may be required before resuming operations, which may result in major financial losses and considerable reputational damage. To avoid such incidents, and comply with federal regulation requirements, pharmaceutical manufacturers need better visibility into and control over their ICS networks.

External and internal security threats to pharma manufacturing systems

Despite the substantial growth of external cyberattacks against ICS networks, pharmaceutical manufacturers still report that their biggest security concern actually comes from insiders.

Trusted employees, contractors and integrators who work on these complex, technologically intensive manufacturing processes can cause a wide range of disruptions, unintended outcomes and significant damage. Malicious insiders have direct access to manufacturing processes and therefore have the ability to sabotage these systems.

Another major concern is, of course, human error. Unintentional mistakes are the leading cause of operational downtime. Simple errors such as making changes to the wrong programmable logic controller (PLC), or incomplete maintenance to distributed control systems (DCS), can cause a wide range of disruptions and downtime, and result in undesirable products.

FDA requirements for drug manufacturing: Zero changes to DCS systems

In the U.S., the Food and Drug Administration (FDA) stipulates that drug products be produced with a high degree of assurance that they contain all of the attributes they are intended to possess. It requires manufacturers to maintain processes in a state of control over their entire lifecycle, even as materials, equipment, the production environment, personnel and manufacturing procedures change.

Given that drug manufacturing processes rely on ICS, these systems cannot undergo any unintended changes. All access to critical assets in these systems must be tracked, including PLCs and DCS.

However, ICS do not include built-in tools to enable automated tracking of assets and changes. As a result, this requirement has been addressed using manual procedures, which are inaccurate and resource-intensive.

The root of the problem: Lack of visibility and control in ICS networks

Despite operating in a highly regulated environment, ICS networks used in pharma manufacturing lack basic controls required to ensure that FDA requirements are being met. For example, most control devices such as PLCs, remote terminal units (RTUs) and DCS controllers lack authentication, use default passwords, and fail to encrypt their communication. This makes it virtually impossible to prevent unauthorized changes to these systems.  

To make matters worse, the lack of event logs makes it very difficult to identify changes. This lack of visibility and control in ICS networks prevents the early detection of incidents, whether caused by cyberattacks or human error. As a result, problems are often detected too late – usually after disruptions have occurred and damaged goods are produced.

Enabling accurate, secure and continuous pharma manufacturing processes

The primary security challenge in pharma manufacturing, similar to most industries, is visibility into engineering activities. In ICS networks, changes to control logic, PLC firmware and configuration are executed over proprietary, vendor-specific protocols known as the control plane.

Each OT vendor uses its own implementation of the IEC-61131 standard for programmable controllers, and because these implementations are rarely documented, the result is a “black box” syndrome.

Since changes to critical assets controlling manufacturing processes are executed using proprietary vendor-specific protocols, there is no standard way to monitor and detect changes – whether malicious or unintentional – until it’s too late.

How can Tenable’s industrial cybersecurity solution help?

Tenable’s OT security platform, Tenable.ot, enables engineers and security personnel to secure and control pharma manufacturing processes. The platform monitors and tracks all ICS activity, including engineering-level access to control devices. Using patent-pending technology, Tenable offers full visibility into the critical control plane activity, uniquely identifying changes made to firmware, logic, code and hardware configuration.

Tenable.ot also allows pharmaceutical manufacturing companies to meet FDA requirements, protect their intellectual property and reduce the risk of a damaging security breach by offering the following capabilities:

  • Full tracking of ICS activities enables manufacturers to verify that no unauthorized changes are made to ICS and other sensitive processes
  • Real-time alerts provide early detection of suspicious and unauthorized access so engineering staff can quickly address the issue and avert or minimize damage
  • Logging of detailed information about each incident, whether legitimate or malicious, allows engineers to quickly pinpoint the cause of the incident and shorten mitigation times
  • Comprehensive audit trail helps engineers ensure maintenance was performed on schedule, while enabling security teams to identify unauthorized changes and determine the root cause
  • Replacement of error-prone manual tracking with efficient and accurate automated asset management processes, which helps reduce costs and resource investments

For more best practices in securing your supply chain from cyber threats, check out Tenable’s solution overview for pharma manufacturing.
