Tekscape has been an industry leader in securing the manufacturing industry against cybersecurity risks since 2007. Manufacturing has become one of most targeted industries of cyber-attacks. Many factors point to this including human error, old equipment, and lack of infrastructure. Tekscape can help with many of these issues as well as assisting manufacturers in recovering from cyber-attacks. Read on to learn more about the top cybersecurity risks to manufacturers in 2022.
Ransomware Attacks in the Manufacturing Industry
A report by IBM unveiled that the manufacturing industry was the most targeted industry for ransomware attacks in 2021. Before 2021, the financial and insurance industry were most targeted. This trend of ransomware attacks in the manufacturing industry has continued into 2022 with an attack in February on the largest semiconductor chip company called Nvidia.
The attack led to a serious data leak that exposed sensitive proprietary information. Hackers normally ask for money or Bitcoin, but this hacking group (Lapsus$) threatened to publish one terabyte of stolen data in five phases if Nvidia did not comply with their demands.
A more recent attack hit the Nichirin Company, the US subsidiary of a Japan based company that manufactures and sells automotive hoses. The attack resulted in the shutdown of the company’s network and production control system. Thankfully, Nichirin was able to act quickly by shutting down the affected network which resulted in the ransomware being contained. The attack did still cause the company to have to switch temporarily to manual production and shipping.
The Nichirin website was also down for a short amount of time, but it was not confirmed that this was the result of the ransomware attack. Suspicious emails were also sent that impersonated the company. Again, it was unconfirmed that the emails were caused by the attack but anyone replying to or opening the attachments in them ran the risk of virus infection and/or theft of personal information.
Recent Malware Attacks in the Manufacturing Industry
In March of 2022, Toyota had to suspend its operation of their fourteen plants in Japan after their business partner, Kojima, was hit with a malware attack. The virus was detected after a server error came up. After technicians rebooted the server, it was confirmed that it had been infected with a malware virus when a threatening message appeared. The infected system caused Kojima to be unable to ship parts which caused a pause to production. The infected system took two weeks to fully be restored. Though not confirmed, it was speculated that the malware, Emotet was used in the attack. Emotet infects the server or computer and downloads malicious software that steal passwords or locks a computer down with ransomware.
Phishing Attacks in Manufacturing
In 2020, it was confirmed that manufacturing was the most targeted industry for phishing attempts. Manufacturing is particularly vulnerable to phishing because individual plants use different IT infrastructures and disjointed systems. Without a unified system, there is a lack in security that cybercriminals can and often do exploit. Phishing attacks consist of an employee opening an email attachment or clicking on a spoofed website. The attachments or website target the browser settings and use the data for financial theft.
Spear phishing is another type of similar cyberattack. Spear phishers will monitor their target’s online activity to gain information such as log in credentials and wire transfer initiations. After they obtain the information they want, the attacker sends a convincing email asking for the transfer to be redirected to a different bank. This is why forty percent of phishing attacks originate from within a company.
Factors That Contribute to the Manufacturing Industry Being a Target of Cybersecurity Attacks
- Legacy Equipment: Many of the devices used by major manufacturers are old and not designed to handle modern day cyber threats. This legacy equipment makes it incredibly easy for hackers to get into the systems.
- Large Financial Gain: Because the manufacturing industry is so large, it contains a large amount of confidential employee information, bank details, credit card information, and other sensitive information.
- Unsecure Encryption Techniques: The manufacturing industry is primarily focused on their production and distribution of their products. They are not focused on dealing with the threats associated with cyber-attacks. Hackers are aware of these vulnerabilities and will try to infiltrate them.
- Different IT Structure: Many manufacturing units are in different locations. Each site may use different technology with hardware and software that causes their systems to be fragmented. A single security framework will never apply to all of them.
How Tekscape Mitigates the Top Cybersecurity Risks to Manufacturers
- Cloud Technology: Tekscape uses cloud technology to monitor your technology’s health and update its security.
- 24/7 Dedicated Support: Tekscape will monitor and manage your physical infrastructure. Having dedicated support means never missing a problem that occurs.
- Arma Cybersecurity: Tekscape’s own Arma Cybersecurity is designed to respond to threats in real-time to expedite a fast and effective response. Arma offers us the visibility to detect threats faster which means we can also monitor potential and existing threats. There is always a proactive response that provides automated detection, alert thresholds, and notifications.