The global cybercrime industry has a new target.
Firms in the manufacturing industry are reporting increasing incidents of cybercrime. From malicious nation-state actors who seek to undermine domestic economies to competing companies indulging in the latest brand of corporate espionage, major manufacturers find themselves increasingly targeted by cybercriminals.
There are multiple factors that contribute to this phenomenon. The majority of existing manufacturing systems were developed before the recent boom in the worldwide cybercrime industry and concurrent global interest in Internet of Things (IoT) solutions for the industry.
This means that complex, automated heavy tools are being brought online and implemented in manufacturing workflows in increasing numbers. This creates a complex, extremely specialized IT environment that is largely run by manufacturing specialists; not IT specialists.
For a cybercriminal, this presents a large attack surface that is easy to infiltrate. It doesn’t even take a great degree of sophistication to run an email phishing campaign that tricks executives and management personnel to hand over their login credentials, giving attackers access to the network right through the front door.
A 2017 cybersecurity report by Cisco found that 28 percent of manufacturing firms reported average revenue losses of 14 percent due to cyber attacks during that year.
How Manufacturing Firms Are Being Targeted
Broadly speaking, there are two types of cyber attacks that large manufacturing firms tend to be victimized by:
- Intentional Attacks. When cybercriminals work their way into your organization’s systems, compromise email accounts, and gain access to confidential login credentials, it’s a sure sign of an intentional attack. Everyone, from the smallest manufacturers to global industry titans, is susceptible to these types of attacks.
- Collateral Damage. When a major malware strain reaches the wild, the damage it causes almost always exceeds its creators’ expectations. These largely automated programs reach out and attempt to compromise everything in their path. Larger manufacturing firms feature a wider attack surface, making them much more susceptible to this type of damage.
Examples of Intentional Cyberattacks on Manufacturing Firms
In 2015, South Korean manufacturing firms were victimized by a highly sophisticated attack exploiting a zero-day vulnerability – a previously unknown vulnerability for which no security patch exists. This attack, called ,Duuzer, gave the perpetrators nearly unlimited access to the victims’ data and even masked its activity by mimicking other applications.
In a proof-of-concept attack carried out by researchers working for a multinational coalition of universities from the United States, Israel, and Singapore, researchers sabotaged 3D printers manufacturing drone components and inserted defects into the drone propellers. The threat vector used was simple but effective – email phishing.
Even oil and gas equipment manufacturers have been targeted by cybercriminals. Since oil and gas installations are typically based on SAP implementations, compromising SAP infrastructure essentially could allow a cybercriminal to successfully control 75% of global oil production.
Examples of Malware Causing Collateral Damage
WannaCry famously shut down hospitals and healthcare services during its widespread dissemination in May 2017, but it also took a heavy toll on manufacturing concerns all around the world.
The ransomware shut down automated spar assembly tools at a Boeing manufacturing plant, stopped production at Honda’s Sayama plant where the popular Accord model is manufactured, and compromised Hitachi’s communication and email capabilities.
WannaCry was never intended to target these institutions. Instead of being purpose-built, it was designed to act as an opportunistic virus. It exploited every opportunity it came across without discrimination.
Another famous example is the Mirai Botnet. This was a clever attack perpetrated by college students set on compromising IoT devices using common username/password combinations like “Guest: 12345” and “root: pass.” Although technically unsophisticated, the Mirai attack was enormously successful and deeply damaging.
How to Improve Manufacturing Cybersecurity
Layering is key to comprehensive data protection in the manufacturing environment. Just as physical security relies on multiple layers of protection – access control, surveillance, physical locks, and more – so too must your network infrastructure incorporate multiple layers of digital security.
For a manufacturing firm, that means spending time and energy optimizing your network to offer the foundation necessary for mounting a robust defense. You cannot rely entirely on a single technology to safeguard data for your entire company.
This is what a layered cybersecurity approach offers:
- Proactive Threat Defense. Most cybersecurity solutions work by identifying the digital signatures of known security threats like WannaCry. This is a valuable security tool, but it does not protect against zero-day vulnerabilities or novel cyber threats.
- Off-Site Backups of Critical Data. Backing up your data is absolutely critical to any business continuity strategy. Not only do you need redundant on-site backups; you need off-site backups (such as Cloud Backup for Office 365 by Dropsuite) that are physically disconnected from your main systems so that cybercriminals cannot compromise your backup records along with the rest of your data.
- Quarantine Options. What happens when a cybercriminal breaks through your first line of defense? You should have a system in place for quarantining individual devices and systems so that you can prevent damage from spreading.
- Security-Oriented Corporate Culture. If your company’s most productive personnel have more of a manufacturing background than an IT one, it’s all too easy for them to fall prey to password hacks, email phishing, and other tricks. Educating your employees on cybersecurity is crucial to preventing the most damaging cyber attacks.
When it comes to the manufacturing industry, two areas of business dominate the cybersecurity discussion. Automated technology like IoT and other sophisticated systems are one, and business-critical data make up the other. While you may have a robust system in place for protecting your processes, you may not be able to adequately protect sensitive customer data – or your own.
Dropsuite’s Office 365 Backup and Archiving provides comprehensive data security and recovery to manufacturing firms. This prevents manufacturers from suffering debilitating losses – both of business and reputation – that come from being unable to satisfy industrial regulations due to losing compromised data, such as email. Dropsuite’s Office 365 backup product is safe, scaleable and comprehensive. Its mantra is to keep its customers’ facilities, customers, and employees safe so that they never lose data again.
Sources:
The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet
Honda halts Japan car plant after WannaCry virus hits computer network
Boeing production plant hit with WannaCry ransomware attack
What is WannaCry ransomware, how does it infect, and who was responsible?
Cybersecurity Threats to the Oil & Gas Industry
Oil and Gas companies are subject to cyber attacks via ERP vulnerabilities
Security Drowned by University Researchers
S. Korean manufacturing industry targeted with new backdoor program
Cisco 2017 Midyear Cybersecurity Report
