Critical infrastructure
Industries
Manufacturing
News

Prioritizing cybersecurity risk faced by manufacturing organizations

June 02, 2021
manufacturing organizations

Manufacturing organizations have in recent times been increasingly picked out in high profile ransomware attacks, zero-day vulnerabilities and supply chain compromises. This must force them to increasingly prioritize threats, in order to benefit from saved costs, saved time, and ultimately avoiding becoming the next high profile victim of a breach, according to Mike Mclellan, SecureWorks’ director of intelligence.

Speaking at the ManuSec Europe 2021 virtual event, Mclellan said that the unique challenges identified in the manufacturing sector are safety, uptime and an extended perimeter. “The overriding importance of safety, making sure that systems and processes are working as designed, the staff are safe and the processes are complying with the relevant safety restrictions,” he added.  

The ManuSec Europe 2021 event aimed to explore the various strategies and best practices that help deliver cybersecurity to critical manufacturers. It seeks to protect industrial networks, promote organizational alignment as support for IT/OT convergence, and establish a roadmap for cybersecurity of safety-critical systems that define the practical steps needed to protect their key assets from cyber threats.

“Uptime or availability is very easy normally for manufacturing organizations to quantify the impact of an hour, a day, a week of downtime,” Mclellan said. “So availability of some of your core production environments is absolutely important, and again any attack that jeopardizes that availability is going to really cause problems to manufacturing organizations.” 

The manufacturing sector is known to operate in the extended perimeter with geographically distributed operations. “So you probably have got factories in countries you would rather not be in, but for various reasons such as supply of components and costs, whatever maybe, you are operating in these environments. It can make it quite hard to secure the physical premises, but also the IT premises as well,” Mclellan said.   

Manufacturing enterprises are usually threatened by ransomware, business email compromise (BEC), worms, targeted attacks, and resource exhaustion (or consumption).

Ransomware is the most important thing affecting manufacturing customers at the moment. It is an opportunistic threat that affects a lot of organizations in other verticals as well. “But, manufacturing in particular is being hit hard by this threat. Criminals have realized that if you can disrupt a manufacturing organization, you have got a good chance to get a payout, and that is ultimately what they are after,” Mclellan said.

Recent ransomware attacks on manufacturing organizations include the attack on WestRock Company’s mills and converting locations which impacted the company’s production, leading to shipments from some of its facilities lagging in production levels. In March, Sierra Wireless halted production at its manufacturing sites after the company was hit by a ransomware attack on its internal IT systems on Mar. 20. The company’s website and other internal operations have also been disrupted by the attack.

Commenting on the recent Colonial Pipeline incident that involved the DarkSide ransomware, Mclellan said that the impact was much greater than the threat actually intended. “So ransomware operators are typically not looking to create national level incidents. They are looking to make as much money as they can from as many victims as they can, but try and stay under the radar in terms of law enforcement agencies.”

Another opportunistic threat that Mclellan raised was business email compromise. “So compromise a financial transaction by hacking into someone’s email inbox, change the payment details and cause the money for that transaction to be paid into a criminal controlled bank account. Again, not specific to manufacturing, but it’s definitely impacting all organizations in the vertical, and something you should be definitely thinking about,” he added.

Worms can include malware that can have a devastating impact on the manufacturing environment. Targeted attacks come from a “number of state sponsored threat actors, who are specifically after manufacturing because they are interested in intellectual property theft.” 

To counter cybersecurity risks in manufacturing organizations, a clear understanding of the threat landscape, an ability to translate that into business risks, and knowing the extent to which the manufacturing organization’s existing security controls sufficiently mitigate that risk, he added.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base