This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Stay alert to your vulnerabilities

04 May 2020

David Emm, principal security researcher at Kaspersky answers questions about industrial cyber threats and vulnerabilities. 

Q: What is the current threat landscape for manufacturing companies?
Industrial and manufacturing cyber-incidents have the capability of shutting down entire countries or creating tangible financial loss, as we saw following an attack on the Ukraine power grid in 2015. It has been estimated that during the first half of 2019, more than one-third (41%) of industrial control systems (ICS) were victim to cyberattacks, triggering security software to step in and remediate. Infection with such malware can negatively affect the availability and integrity of ICS and other systems that are part of an industrial network, making it difficult to resolve. The manufacturing industry is already a known target for attackers, and therefore the most common threats of spyware, cryptocurrency miners and worms still occur.
 
Q: Where are the primary threats for manufacturers – internal or external?
Research has shown that the greatest danger to manufacturers is in the form of cryptocurrency miners (3%), worms (7%) and versatile spyware (4%). These types of attacks can come from internal or external sources, and more often than not, attackers will target employees using the system with phishing websites in order to get access to company data. Security experts and IT departments should be particularly cautious about malicious software that aims to steal data, spy on critically important objects, penetrate the perimeter and destroy data. 
 
Q: What are the main areas of vulnerability for manufacturers?
A cybersecurity incident that occurs because of a targeted attack or infection of conventional malware can lead to damaging consequences and a disruption in manufacturing processes. For many industrial or manufacturing organisations, while they actively invest in the cybersecurity of corporate networks, cybersecurity in OT/ICS networks and securing the OT environment can be an afterthought. As with any organisation, if you don’t take steps to protect yourself, your employees and your business as a whole, then you become an easy target for cybercriminals. You are  essentially wide open to attack; so, failing to recognise the threat cyberattacks can impose on a business can have an extremely damaging outcome. Criminals actively look to sabotage computerised systems to impact the delivery of services the company is supposed to provide. This can result not only in lost data and a damaged reputation, but can also have a huge financial impact.  

Q: Is there a one-size fits all cybersecurity architecture?
When it comes to managing cyberthreats, businesses need to be prepared. It is important to regularly update operating systems, application software and security systems that are part of the enterprise’s industrial network. Restricting network traffic on ports and protocols used on edge routers and inside the organisation's OT networks is also vital, to stop the wrong people accessing an organisation’s data. But it is not only the infrastructure that should be prepared for attacks; employers should provide regular training for staff, to allow them to spot the difference between a genuine email or website and a phishing attack.
 
Q: What new technology is available for manufacturers to protect against attacks?
Technological development has made a huge difference to the way cyberattacks are identified and the speed at which this can happen. Artificial Intelligence (AI) and machine learning have meant that we are able to keep up with attacks and stay ahead of them. The systems allow us to process one million potential attacks a day – something that could never happen if we didn’t automate our processes. This is the expertise that feeds into different levels of protection, from endpoint to anti-targeted attacks and threat intelligence, to ensure businesses are secure at all levels and attacks can be prevented.
 
Q: If you were to give one piece of advice to manufacturers on cybersecurity what would it be?
It is difficult to call out one single thing, but I would advise any organisation - be it a manufacturer, business owner or an individual - is to ensure your operating systems are up to date. Cybercriminals make use of the vulnerabilities that occur when systems are behind on updates, and this can leave organisations wide open to attack.


Contact Details and Archive...

Print this page | E-mail this page