Reinforcing industrial cybersecurity starts by choosing the right drives

IN THE first quarter of 2025, ransomware attacks on manufacturers surged by 46%. But alarming as it looks, this uptick is what many in the industrial world have been bracing for.

As factories make the switch to highly connected, smart production systems, the very technologies spurring innovation and efficiency are also opening doors for criminal enterprise. The operational technology (OT) layer, comprised of key industrial equipment like electric motors, is now a potential battleground for cyberattacks.

But too often, one critical OT component, the industrial drive, takes a backseat during cybersecurity discussions. By tuning motor speed and torque to match demand, drives act as smart links in the automation chain. When compromised, they're a crisis waiting to happen: surprise downtime, safety failures, tainted product quality, and expensive production losses. Even more concerning is that a successful attack could compromise the entire plant network by exploiting vulnerabilities in the drive layer.

For small to mid-sized OEMs squeezed by tight budgets and a shortage of in-house expertise, moving to secure-by-design drives is a significant challenge. These factors often make it difficult to integrate security from the outset. But cybersecurity solely at the IT network level is no longer enough. True resilience is about integrating protection directly into OT assets themselves, with drives first on the list.

Every connection a cyber risk

The past decade has seen industrial automation transition from isolated control systems to interconnected, data-rich ecosystems. Ethernet connectivity is now commonplace for drives, PLCs, and sensors, offering machine builders and plant managers instant visibility and analytics to keep performance at its peak.

But more connectivity brings more vulnerabilities: misconfigured devices, outdated firmware, and weak authentication protocols are all cracks in the armour. Even something as innocuous as a default-open communication port can be an open invitation for cybercriminals.

All too often, traditional performance metrics like throughput and uptime take precedence over cybersecurity, with protection added as an afterthought. This "bolt-on” approach is increasingly risky, especially with European regulators tightening rules for OEMs.

Rethinking drive security

Innovative drive designs are addressing these threats from the ground up. ABB’s ACS380-E has cybersecurity woven into its basic architecture. For smaller OEMs, machinery like this is a chance to bolster their product designs from day one, with no need for costly or complex add-ons. Plus, such foresight can spell the difference between meeting forthcoming regulatory changes like the EU’s Machinery Regulation in 2027 or scrambling with last-minute patches.

Instead of securing just the network perimeter, these modern drives shield every connection point and control function from the inside out. Even the supply chain is not exempt from scrutiny, with tamper-resistant hardware ensuring no unauthorised components work their way in. Because in today’s interconnected landscape, the smallest component can be the first domino that sends the rest falling.

Managing access and minimising risk

The ACS380-E enables both local and centralised account management, employing strict, role-based access that even the drive’s manufacturer can’t bypass. Trusted boot protocols ensure only authorised software runs, while any attempt at tampering triggers a rollback to its last clean version.

Communication is equally disciplined: connections are restricted to trusted devices, dormant access points are sealed off, and every intrusion attempt is logged straight away. In modern industrial settings, knowing when and how someone has tried to breach the network is equally essential for keeping it from happening twice.

Questions buyers should ask themselves

In the past, selecting a drive has hinged on factors such as speed control, torque accuracy, and energy efficiency, but cybersecurity readiness is now a box that manufacturers can’t afford to leave unchecked. When evaluating drives, buyers should check for up-to-date regulatory compliance for their market and that the drive is built to adapt to evolving regulations.

Secondly, secure boot processes and signed firmware should be table stakes, alongside robust user authentication and integration ability with existing security systems. Built-in monitoring and incident logging are other key considerations to support investigations and audits.

Finally, buyers should determine whether it’s possible to disable unused access points before deployment, effectively plugging vulnerabilities before they get exploited. Drives lacking these essentials are not only more vulnerable, but they may also cause an entire facility to fall short of future regulatory demands.

Combining security with productivity

In industrial automation, performance and cybersecurity are intertwined. Without security, every productivity gain is fragile, and built-in cybersecurity underpins the reliability plants depend on.

ABB’s ACS380-E demonstrates that it’s possible to blend advanced motor control and connectivity with built-in, standards-compliant cybersecurity. For OEMs and operators alike, it’s a way to reduce integration headaches and future-proof against emerging threats.

With ransomware showing no signs of slowing, manufacturers cannot afford to ignore drives sitting at the convergence of their operations. Securing them is now mission-critical.

Prabhu Nagavi is global product manager for machinery drives at ABB

For more information: 

www.abb.com

Tel: +44 (0) 808 258 2000