[BreachExchange] Addressing the Manufacturing Threat Landscape

[Audrey McNeil]

https://www.infosecurity-magazine.com/blogs/manufacturing-threat-landscape/


Today, the manufacturing industry promotes innovation, productivity and
trade to capitalize on opportunities created by changing demand and
technological advancements. However, the move towards connected
manufacturing has introduced sophisticated threats to data, intellectual
property (IP) and operations.

Industrial Espionage and IP Theft

Manufacturing organizations invest heavily in IP development. It’s often an
organization’s most valuable asset and its theft is among the most damaging
of manufacturing cyber-threats. Recently, manufacturing executives cited IP
protection as their primary concern.

Stolen IP can provide a competitive advantage, be sold on for profit or
used to disrupt operations amongst other things, and that’s why its theft
has become so prevalent. It’s not only criminals and competitors carrying
out these attacks – nation states are too, and their involvement can be
significantly damaging to organizations and even the economies of the
countries where they reside.

It’s important that organizations implement internal and external measures
to protect IP, which often flows out via the supply chain.

Increasing Sophistication of Cyber-Threats

In a sample of over 120 manufacturing industry breaches, 28% were motivated
by espionage.

The crucial nature of the manufacturing industry and its valuable data make
it a target for many advanced threat actors. Attacks sponsored by nation
states and e-criminals are both increasingly common. Due to the industry’s
dynamic nature and openness to technology, it’s difficult for organizations
to detect, prevent and respond to attacks.

Advanced techniques like spear-phishing, which targets individuals, malware
which affects functionality, and ransomware that holds an organization’s
data ‘hostage’ are frequently successful. In these cases, IP and data are
often the target. Attacks can also employ advanced methods that hijack
connected systems.

In manufacturing, there’s also the risk that hacked systems could lead to
catastrophic events that put employee and customer safety at risk.
Therefore, organizations can’t ignore the need for a robust information
security strategy.

Unsecured or Legacy Manufacturing Systems

Research has found that 25% of manufacturing companies are not confident in
their ability to prevent cyber-attacks.

Many manufacturing organizations are still operating at least one unsecured
legacy system. They have often been in service for a long time and, in some
cases, they won’t have been designed with cyber and data privacy in mind.
As attacks grow more sophisticated, attackers are inevitably going to find
more inventive and destructive ways to exploit these systems.

The lack of compatibility between legacy systems and newer control systems
is something that manufacturers must address moving forward in order to
control risks. Nonetheless, the process of upgrading to smarter systems
carries a huge price tag, which is a deterrent for some organizations.
Eventually, all manufacturers will reach the point where legacy systems
introduce too much risk to be ignored.

Internal Threats and Malicious Insiders

Manufacturing is one of the top five industries with the highest
percentages of insider threat and privilege misuse incidents.

It’s common for external actors to target employees with attacks that trick
them into handing over key credentials, data and systems access.

In manufacturing, employees’ threat awareness is generally considered as a
weak link. So, it’s important to train the wider business in threat
recognition to raise awareness around certain types of risks. This helps
reduce carelessness and human error – both problems synonymous with data
breaches.

Attackers aren’t always external; malicious insiders also pose a huge
threat. In manufacturing, insider attacks are common and include theft of
assets for profit or revenge. Insiders can also manipulate data with small,
unnoticed changes.

Connected Products

As many as 73% of manufacturers plan to increase investments in smart
factory technology in the next year.

Connected products introduced into supply chains represent a significant
risk. That said, for almost all manufacturers, they’re vital for growth –
even if that does come with increased vulnerability.

As manufacturers shift to smarter manufacturing models, each new connection
represents a potential vulnerability because most connected products can
store and transmit sensitive data. Many organizations also use connected
products alongside mobile apps and sensors that transmit data wirelessly.
This leads to sensitive data flowing in and out of the organization, giving
attackers more opportunities.

Failure to implement measures that mitigate the risks posed by these
connected devices can lead to serious attacks, capable of significant
disruption and data theft.

Although manufacturing organizations are reasonably advanced in their
awareness of the cyber and information security risks they face,
preparedness varies. A certified ISO 27001 Information Security Management
System (ISMS), paired with independent testing, detection and response
services, provides a transparent solution.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20201221/94e63a90/attachment.html>