Find out how Honeywell has pivoted to deliver new services and products that help critical industries tackle the COVID-19 pandemic!
How Honeywell Is Helping Industries Tackle COVID-19
Honeywell have long been a solution partner for critical industries, with over 100 years of global experience in various industries.
In an exclusive roundtable session, Norm L. Gilsdorf, President of Honeywell ASEAN, detailed how the COVID-19 pandemic has created a crisis for critical industries.
On the other hand, it offered Honeywell the opportunity to showcase their expertise in creating new solutions and products to meet the new challenges.
Honeywell Products + Services That Help Industries Tackle COVID-19
Honeywell have quickly pivoted to develop these new solutions and products to help critical industries In ASEAN countries and around the world better handle the challenges of the COVID-19 pandemic.
Honeywell UV Treatment System
The Honeywell UV Treatment System is a deep ultraviolet (UVC) sanitising system for airlines that significant reduces certain viruses and bacteria on airplane cabin surfaces.
It is roughly the size of the typical airline beverage cart, with arms that extend over the top of seats, to sweep the cabin with UVC light.
The Honeywell UV Treatment System can service an aircraft cabin in less than 10 minutes for just a few dollars per flight for midsize to large airline fleets.
Currently, several major airlines in the ASEAN region are testing this system on their aircraft.
Honeywell Healthy Building Solutions
The Honeywell Healthy Building Solutions are not new, but they go a long way to help companies protect their workforce from COVID-19.
By integrated air quality, safety and security technologies, they help to improve the health of building environments, operate more cleanly and safely, and help enforce social distancing policies.
The same technologies can also be employed in other public and commercial facilities like hospitals, airports, factories, educational institutions, etc. to enhance safety and compliance.
Honeywell Remote Industrial Solutions
The Honeywell Remote Industrial Solutions are being used by customers to handle COVID-19 related constraints and maintain business continuity, while protecting employees.
This software suite, which includes Experion Remote Operations, allow for remote management as well as work-from-home abilities for employees.
Honeywell Forge Cybersecurity Suite helps customers ensure business continuity in the face of mounting cyber threats, uncertain business conditions and supply chain disruptions.
Warehouse and logistics solutions help drive the exceptional growth of e-commerce in the ASEAN region and beyond, during the pandemic. They also support cold chain services for delivering medical products, including vaccines.
Other Honeywell Solutions That Help Against COVID-19
Other Honeywell solutions that help people and industries handle COVID-19 include :
Gas and flow sensors for ventilators, oxygen concentrators and respiratory machines;
Thermorebellion, a new temperature monitoring solution that incorporates advanced, infrared imaging technology and artificial intelligence algorithms to conduct non-invasive, preliminary screening of personnel entering facilities such as airports, hospitals and plants;
Yeo Siang Tiong, the General Manager of Kaspersky Southeast Asia, recently shared with us why cybersecurity is critical for Industry 4.0 initiatives to succeed.
While he uses Malaysia’s drive to implement Industry 4.0 as an example, the lessons are universal and apply across the world.
Let’s hear it from Mr. Yeo Siang Tiong!
Why Cybersecurity Is Critical For Industry 4.0 Success
The term Industry 4.0 was first used at the Hanover Fair, as a reference to the latest industrial strategy which has been termed the fourth industrial revolution.
According to the explanation by Ministry of International Trade and Industry Malaysia  I have read months ago, Industry 4.0 is referred to as production of manufacturing based industries digitalization transformation, driven by connected technologies.
Together with autonomous robots, big data analytics, cloud computing, Internet of Things, additive manufacturing, system integration, augmented reality and simulation, in my opinion, cybersecurity is among the main pillars of Industry 4.0.
Why? Because while the cyber-physical systems connected without wires, automated and with lesser human touch points promise more efficient processes and communications, this also exposes systems to potential cyberattacks.
Greater connectivity brought about by Industry 4.0 will require greater security attention for ICS security because the Fourth Industrial Revolution is a double-edged sword which countries and companies should use wisely.
It is great to note that Malaysia is currently ranked third globally among 193 International Telecom Union members, in terms of the level of national commitment to addressing cybersecurity risks.
In 2018, Ministry of International Trade and Industry Malaysia launched INDUSTRY 4WRD, a national policy on Industry 4.0, to place policies and guidelines in place to ensure Malaysian manufacturing industry and its related services would be ready, to be smart, systematic and resilient.
The policy has the overarching philosophy – A-C-T, Attract, Create and Transform.
The government’s efforts are indeed being commended worldwide. Proof is the Readiness for the Future of Production Report 2018  which put Malaysia in the “Leader” quadrant, positioned well for the future. Malaysia and China are the only two non-high-income countries in this coveted quadrant.
One important area for improvement that I know if will be the human force. Malaysia has shortage of required talents, skills and knowledge for Industry 4.0, particularly in the areas of IoT, robotics and AI. The lack of talents in the fields of IoT is hypocritical for Malaysia Industry 4.0 especially in the areas of exposure to cyber threats.
However, let us not miss the commitment uttered by the Ministry of Education Malaysia  saying that cybersecurity must be introduced at the grassroot level, especially among the schoolchildren. The department of Polytechnic and Community College Education and Politeknik Mersing in Johor is also off to set up the Cyber Range Academy, which provides the students with an authentic learning environment in the threat landscape.
For our part, Kaspersky understands the cyber security needs in ensuring the success of Industry 4.0 and have solutions in place – Industrial CyberSecurity (ICS), with the aim to protect companies from three main risks .
Firstly, unintentional infection of an industrial network. In theory, industrial information networks should not be connected to office networks, and should also not have direct access to the internet. However, sometimes without intending to cause any harm, staff will connect infected removable drives to industrial computers or access the internet to update software on the server, resulted malware manages to penetrate the network.
Secondly, it is not unusual for people who are professionally versed in industrial systems to try and use that knowledge to trick their employer, which cause serious harm to the business.
Thirdly, cyberwar, targeted actions that are intended to cause damage. Two years ago, a massive data breach saw more than 46 million mobile subscribers in Malaysia leaked on to the dark web.
For companies to reach their Industry 4.0 goals, all components have to be protected.
Remember ShadowHammer  which Kaspersky team highlighted in the research back in March? Executable files, found in reputable and trusted large manufacturer, contained malware features, which upon careful analysis confirmed been tampered by malicious attackers.
To avoid being victims and ensuring a clearer path to achieving Industry 4.0 , we suggest to:
Regularly update operating systems, application software, and security solutions
Apply necessary security fixes andaudit access control for ICS components in the enterprise’s industrial network and at its boundaries
Provide dedicated training and support for employees as well as partners and suppliers with access to your network
Restrict network traffic on ports and protocols used on edge routers and inside the organization’s OT networks
Use ICS network traffic monitoring, analysis and detection solutions for better protection from attacks potentially threatening technological process and main enterprise assets
Deploy dedicated securitysolutions on ICS servers, workstations and HMIs, such as Kaspersky Industrial CyberSecurity. This solution includes network traffic monitoring, analysis and detection to secure OT and industrial infrastructure from both random malware infections and dedicated industrial threats
Form a dedicated security team for both IT and OT sectors
Equip these security teams with proper cybersecurity training as well as real-time and in-depth threat intelligence reports
Industrial Revolution 4.0, also known as the Fourth Industrial Revolution or Industry 4.0, is a term that is applied towards the current trend of intelligent automation that is enabled by information technology, interconnectivity and data analytics.
Industry 4.0 employs a wide range of technologies to achieve those aims, such as mobile devices, Internet of Things, smart sensors, big data analytics, augmented reality, cloud computing, and more.
Countries and corporations that successfully make use of these technologies will greatly improve their productivity. Hence, there is great interest by governments and companies to develop and accelerate their IR 4.0 capabilities.
The 2019 Kaspersky ICS CERT Report just revealed that almost half of the Industrial Control System (ICS) computers they protected were attacked in the second half of 2018. This is a wake-up call to industries large and small.
They also shared with us some technical measures that can help companies ward off these cyberattacks.
The 2019 Kaspersky ICS CERT Report
The 2019 Kaspersky ICS CERT report is based on the industrial threat landscape the team experienced in H2 2018.
In that period, they noted that almost half of the ICS computers they were protecting were attached in some form.
These attacks could have crippled these industrial facilities if they resulted in an actual breach. That would have caused great material and production losses.
Here is the summary of their report :
47.2% of ICS computers were attacked in 2018, slightly more than the 44% they encountered in 2017.
Vietnam was the top country, with 70.90% of their ICS computers attacked
Algeria was second, with 69.91%; and Tunisia was third with 64.57% attacked.
The least impacted countries were Ireland (11.7%), Switzerland (14.9%), and Denmark (15.2%).
Mass-Distributed Malware Is The Greatest Threat
Mass-distributed malware such as phishing emails are the most common way used by hackers to infiltrate industrial companies throughout the Asia Pacific region and the world.
“Despite the common myth, themain source of threat to industrial computers is not a targeted attack, but mass-distributed malware that gets into industrial systems by accident, over the internet, through removable media such as USB-sticks, or e-mails.
However, the fact that the attacks are successful because of a casual attitude to cybersecurity hygiene among employees means that they can potentially be prevented by staff training and awareness – this is much easier than trying to stop determined threat actors,” said Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT.
Knowledge And Training Are Essential To Combating Malicious Cyber Attacks
According to Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky Lab,
“Our researchers are seeing many carefully crafted phishing emails, sent purportedly by real companies and masked as business correspondence, commercial offers, invitations to tender and so on, which could be very commonly faced by many enterprises in Malaysia.
We recommend all companies to warn their staff of this real threat and to train them to recognize signs of an attack, to not open suspicious files or click on links, and to inform their IT department of any potential incidents,” Yeo said.
“H2 2018 saw a decline in ICS infections in Malaysia, 41.1% versus H1 2018 of 50.8%. It is a good sign that users are more aware of the cyber risks, and are becoming careful about it,” Yeo added.
How To Safeguard Industrial Computer Systems (ICS)
The 2019 Kaspersky Lab ICS CERT recommends the following measures to protect Industrial Computer Systems (ICS) :
Regularly update operating systems, application software on systems that are part of the enterprise’s industrial network.
Apply security fixes to PLC, RTU and network equipment used in ICS networks where applicable.
Restrict network traffic on ports and protocols used on edge routers and inside the organization’s OT networks.
Audit access control for ICS components in the enterprise’s industrial network and at its boundaries.
Deploy dedicated endpoint protection solutions on ICS servers, workstations and HMIs.
Make sure security solutions are up-to-date and all the technologies recommended by the security solution vendor to protect from targeted attacks are enabled.
Provide dedicated training and support for employees as well as partners and suppliers with access to your network.
Use ICS network traffic monitoring, analysis and detection solutions for better protection from attacks potentially threatening technological process and main enterprise assets.
As the Chairman and CEO of Kaspersky Lab, Eugene Kaspersky is no stranger to cybersecurity. In fact, he created his first antivirus software while serving in the Russian Ministry of Defense in 1989 – 8 years before he founded his eponymous cybersecurity firm.
Eugene Kaspersky Presents Cyberspace – The Survival Guide
In this engaging 35-minute talk, Eugene Kaspersky shares with us his opinions on the evolving cybersecurity threats and how we can survive them.
Here are the key takeaway points from Eugene Kaspersky’s keynote talk :
Eugene Kaspersky still uses an old Sony Ericsson feature phone, which he says is “unhackable”.
Microsoft Windows is still the main target of cyberattacks, because it’s still the most popular operating system and the default operating system for many enterprises.
Cyberattacks are increasingly shifting to the mobile platform, targeting the Android operating system in particular.
The Mac OS platform is relatively safe because there are still not that many Mac user, or Mac programmers who can craft malware to target them.
However, Eugene Kaspersky (pointing at my MacBook Pro) says that Mac OS is much more vulnerable than Microsoft Windows from a cybersecurity point of view. It is only “safer” because there are not many cybercriminals who can exploit this.
The threat of Linux malware is growing very fast, because Internet of Things (IoT) devices are mostly Linux-based.
iOS attacks are limited because their zero-day vulnerabilities are very expensive for cybercriminals to purchase.
Kaspersky Lab collects about 300,000 unique malicious code samples per day, or more than 2 million unique code samples a week.
The growth in malware is exponential. Kaspersky Lab took 20 years to collect their first million unique malware code samples, but just one week in 2016 to collect 2.2 million unique malware code samples.
The good news is that Kaspersky Lab processes these malware code samples automatically 99.9% of the time using self-learning machine algorithms.
Eugene Kaspersky dismisses the tech industry’s use of the term “artificial intelligence“, insisting that they are more accurately described as “self-learning machine algorithms“.
Unfortunately, there is a marked growth in highly sophisticated state-sponsored and criminal cyberattacks that cannot be addressed by these means.
Cybercrime now costs the world US$450 billion in losses every year – the equivalent of 13 years worth of budget for all of world’s space programmes combined.
IoT (Internet of Things) devices are the new frontier. There are now more IoT devices than human beings on Earth. The danger though lies in the fact that most of them cannot be patched, and use common, standard passwords for easier manageability, but makes them easy to hack.[adrotate group=”2″]
SCADA industrial control systems are also vulnerable to cyberattacks. There are now cybercriminals that target the SCADA systems of manufacturing and transportation companies, as well as state-sponsored attacks and possible terrorist attacks.
Cybersecurity of individuals and SMBs (small and medium businesses) are easy to solve, because you can purchase and install cybersecurity software that will handle the common cybersecurity threats.
Enterprises, however, are under the additional threat of professional, targeted attacks. In addition to end-point protection, they will need to be able to predict and detect cyberattacks, and respond quickly to those that are identified.
Eugene ends his presentation by opining that a lot of work needs to be done to secure the world from from cybercriminals, thanks to the prevalence of cyberspace in our lives.
Kaspersky Lab just announced the Kaspersky Industrial CyberSecurity solution in Malaysia. Called KICS for short, it is a combination of Kaspersky’s services, technologies and intelligence designed to protect critical infrastructure and industrial facilities.
Cybersecurity of critical infrastructure and industrial facilities is of great importance, because of their importance to the stability and economy of the country. Malaysia, for example, is highly dependent on its industrial sector which contributes almost 37% of its GDP, and employs 36% of its labour force (in 2012).
Kaspersky Lab’s Andrey Suvorov and Vikram Kalkat flew in to talk to us about industrial cybersecurity and how Kaspersky Industrial CyberSecurity can help mitigate, if not reduce or eliminate, the risks of cyber attacks of critical infrastructure and facilities.
The Kaspersky Industrial CyberSecurity (KICS) Solution Revealed
Cyber-attacks on industrial control systems are on the rise. In 2016, 67% of information and operational technology managers say that their security risks are at a critical level. In this video, Vikram Kalkat (Senior Key Account Manager, KICS) explains the industrial cybersecurity landscape.
The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (ICS CERT) Report 2016 gives Malaysia a risk score of 15% . The scoring is determined by the observability mode, security assessment and exploit prevention. Malaysia is also a target for cyber-attacks, ranking 66th on the Kaspersky Lab Industrial Cyberthreats Real-Time Map.
The introduction of Kaspersky Industrial CyberSecurity (KICS) cannot come at a better time. The high degree of automation and use of information technologies in modern industrial facilities make them especially vulnerable to cyber attacks. Andrey Suvorov, Head of Critical Infrastructure Protection Business Development, Kaspersky Lab, explains how KICS can minimise the risks and effects of a cyber-attack on industrial control systems.
Unlike traditional corporate IT networks (where confidentiality is the top priority), industrial control systems (ICS) demand faultless continuity and consistency of the technological process. Strict regulation and compliance can lead to unprotected operating of critical facilities if the cybersecurity measures do not meet safety requirements.
Kaspersky Industrial CyberSecurity considers all these unique requirements and protects the ICS network at the layers most vulnerable to cyber-attacks – ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more – securing them from cyber-threats without affecting operational continuity and consistency of the technological process.
Read more about KICS and how it detects and prevents threats in the next page!
If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!
KICS Threat Detection & Prevention
Traditionally, ICS organizations are not well prepared or protected to withstand cyber security attacks. The design of ICS software and hardware is hard to call secure. To minimize the possibility of a cyber-attack, Industrial Control Systems (ICS) is supposed to be run in a physically isolated environment. However this is not always the case.
Historically, ICS operating team is not able to recognize social engineering attacks, recognize unsafe actions and become a solid stage of cyber security in their organizations. Of cause, their main task is to provide safe and reliable production process. On the other hand, the ICS organizations cannot afford significant investment into security workforce, since this is not a priority for them. The cyber security response plan may assume that some external organization is involved for incident coordination, analysis and response actions.
Kaspersky Industrial CyberSecurity offers a combination of conventional security technologies, adapted for an ICS environment, such as anti-malware protection, whitelisting and vulnerability assessment functionality. This strong foundation is further enhanced with unique technologies designed specifically for industrial environments, including integrity check for programmable logic controller (PLC), semantic monitoring of process control commands and telemetry data to detect cyber-attacks targeting the physical part of an infrastructure.
Kaspersky Industrial CyberSecurity also provides a special observability mode that focuses solely on the detection of cyber-attacks, operation personnel faults and anomalies inside an industrial network. All prevention and detection technologies are managed via a single centralized management console.
Meeting Strict Industry Requirements
The highly customizable settings of Kaspersky Industrial CyberSecurity mean it can be configured in strict accordance with the requirements of different industries, facilities and production lines, allowing the solution to be effectively integrated into an organization’s existing ICS network and technological processes without any significant modifications to the network or to the process. All of their technologies are tested by and certified with leading ICS vendors.
When Kaspersky Lab was developing KICS, there were some unique requirements they had to meet:
Observability mode. Security solutions are deployed extremely carefully in critical industrial environments. Solutions should be able to monitor activity and detect threats, but leave the decision to block an attack up to the operator. Industrial systems rely on customized software, so even the potential conflict between a security solution and, let’s say, operations of a railway system cannot be allowed.
Security assessment. Critical infrastructure always works together with traditional IT, and the fact that different teams are usually responsible for security of those two entities is challenging. An independent look by security experts proficient in both industrial systems and general IT helps to identify potential weaknesses usually found at the meeting point between two systems. This is also true for any traditional IT infrastructure. In fact, the variety of endpoints, mobile devices, on-site servers and cloud services is no less complicated than a power plant.
Exploit prevention. Technologies designed to identify attacks using previously unknown vulnerabilities is one level above traditional anti-malware systems. As we learned from Stuxnet, critical infrastructure may be targeted with the most advanced cyber weapons. Unlike traditional malware, targeted and advanced attacks require special tools.
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!
Kuala Lumpur, 16 June 2016 – Dell today announced the launch of its first purpose-built industrial PC (IPC) products, Embedded Box PC 3000 Series and 5000 Series, aimed at taking the embedded PC market mainstream.
Available in Malaysia starting end-July, the products are fanless, ruggedized and built to provide customers fast time-to-market. With a long history of rugged engineering innovation and extensive experience in OEM Solutions, the products expand Dell’s Internet of Things (IoT) portfolio. Dell will bring the benefits of short lead times, enterprise-class lifecycle, stability, service and support to customers who may be underserved by current embedded solutions.
Embedded computing is now everywhere. According to a Technavio study , the embedded systems market was valued at more than US$11 billion in 2014 and is expected to reach US$23.10 billion in 2019, growing at a CAGR of almost 15 percent. Organic growth is being fuelled by falling component costs, improved power efficiencies, increasing business ROI needs and demand from the IoT. However, the reality of long lead times, low device reliability, limited scalability, lack of security and manageability options and limited support hinder the development of the market.
Embedded Box PC 3000 & 5000 Series
Dell’s Embedded Box PCs are fanless, important as the fan is the often most common component failure in embedded use cases, and also ideal for environments that require little noise. They are highly reliable devices that can be used “headless” or with keyboard, mouse and monitor. Flexible and powerful, with extensive wired and wireless input/output (I/O) options, they run on Intel processors. The 3000 Series is powered by Intel Atom processors and designed for space-constrained applications, such as retail kiosks, automated vending devices and vehicles.
The 5000 Series is optimized for performance and I/O scalability. Powered by Intel Core processors, it includes two PCI/PCIe card slots for adaptability. It provides high-bandwidth ideal for industrial PC and IoT use cases (multi-HD video streaming apps and high frequency sensor data sources) as well as manufacturing and automation control.
Operating temperature range from 0°C to 50°C
Designed to MIL-STD 810G specifications
DIN-rail, VESA, or wall mount options
5-year lifecycle and OEM-ready options
Global availability with Dell Support and Deployment services
Microsoft Windows 7 Pro, Windows 7 Embedded, Windows 10 Pro* and Windows 10 IoT Enterprise LTSB and Ubuntu Desktop operating systems
Customers can take advantage of Dell’s global availability, trusted security and manageability options, and Dell Support and Deployment services including ProSupport which provides up to five years of end-to-end hardware support for the entire IoT product lifecycle, helping customers maximize their environment and minimize time spent on maintenance.
Mark Taylor, president, OEM Computing Solutions, Arrow Electronics, said, “Dell’s technology strength and commitment to excellence matches our vision for the OEM and independent software vendor (ISV) marketplaces incredibly well. We are delighted to work with Dell and look forward to continued growth together.”
“Security and reliability are of the utmost importance to embedded PC customers,” said Jon Melamut, VP of Commercial Devices Operations at Canonical Ltd. “We are very excited to partner with Dell as they launch the Dell Embedded Box PC 3000 Series and 5000 Series with Ubuntu Desktop, which provides software security and reliability to match that of Dell’s hardware.”
Chet Hullum, general manager of Industrial Solutions at Intel, said, “The Dell Embedded Box 3000 and 5000 Series Embedded Box PCs based on the 6th gen Intel® Core Processor family and Intel® Atom processor E3800 product family are designed to bridge the data needs of traditional operational technology with the manageability demands of information technology. The result is a solution that meets the needs of industrial and IoT customers.”
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!