As we turn the corner into a new decade, business leaders across industry lines have continued to prioritize digital transformation and other tech-based innovations. However, as organizations become increasingly dependent on cutting-edge technologies, they also expand their attack surface.
Cyber security threats are continually evolving, forcing companies to integrate a variety of tools and internal policies to ward off cybercrime. Despite the pressing need for comprehensive security defenses, many organizations are struggling to keep pace with emergent hacking methods and adapt to the shifting cyber attack landscape.
Cyber criminals are continuously developing strategies for infiltrating private networks, stealing sensitive data, and bringing critical infrastructure to a grinding halt. As a result, organizations have had to create flexible cyber security programs that can be adjusted when new risks are detected.
Since the biggest threats to cyber security change over time, researchers and IT administrators need to review their policies and security tools on an ongoing basis. According to research from Accenture, the average cost of cybercrime for an organization increased $1.4 million in 2019, which highlights just how financially devastating cyber attacks can be. But before we explore the biggest threats to cyber security in 2020 and beyond, it may be useful to touch on which industries have become popular targets.
Which industries are the most significant security targets?
Every industry contends with a different level of cybercrime. While the attack methods are similar, the frequency and severity of security incidents tend to vary. Research from the Infosec Institute found that the following industries are at the highest risk of large-scale cyber attacks:
- Health care: The health care industry is a popular target for hackers due to the amount of sensitive data that they store and process through insurance. Patient records contain a wealth of personally identifiable information that helps commit fraud and identity theft. Due to the value of this data, health care organizations must adhere to security guidelines laid out by HIPAA. Despite these regulations, targeted attacks against care providers continue to skyrocket year over year. According to a 2019 report from Herjavec Group, roughly 93% of health care organizations have experienced a data breach in the last five years, with 57% reporting more than five security incidents during this timeframe.
- Financial services: Banking and financial institutions are common targets for malicious actors because of the large number of transactions they process each day. Unlike the health care industry, hackers can leverage the sensitive data collected by banks for immediate returns. For example, targeted phishing attacks can allow hackers to take control of consumer bank accounts, giving them direct access to checking and savings funds. According to the previously mentioned Accenture study, banks stand to lose a projected $347 billion to cybercrime over the next five years.
- Manufacturing: The manufacturing industry has experienced a surge of targeted attacks over the past few years, leading to a complete reframing of security defenses in modern production environments. The highly connected nature of most manufacturing facilities makes them especially vulnerable to cyber attacks and data breaches. One survey by Deloitte found that nearly half of all polled manufacturing executives lack confidence in their ability to detect and mitigate cyber security threats. While this industry isn’t known for collecting sensitive data on consumers, they do possess valuable data. Manufacturing firms generate valuable patents, process data, and other high-value intellectual property often sold on the dark web.
The biggest threats to cyber security in manufacturing
While the above industries represent the most lucrative targets for modern cyber criminals, the issue of cybercrime is a universal problem. The steps organizations take to prevent and respond to cyber attacks will vary based on their networking environment, data storage architecture, and other industry-specific factors. As manufacturing is considered one of the most vulnerable sectors in terms of cyber attacks, here is a list of the biggest threats to cyber security for companies in this industry, along with key recommendations to help alleviate these risks.
1. Phishing attacks
Social engineering is a potent tool in hackers’ arsenals, as it allows them to gain access to sensitive data and user profiles without the need for any technical know-how. According to a 2019 report from ProofPoint, manufacturing is one of the most phished industries in the world. Unlike other cyber attack methods, phishing relies on human error and a lack of cyber security training. Most phishing attacks seek to steal login credentials by replicating communications from legitimate sources. For example, an employee may receive an email that appears to come from their internal IT department asking for their username and password for some administrative purpose. If they were to send over their credentials, the hacker would be able to gain access to critical infrastructure, business applications, data stores, and more.
In terms of specifics, Symantec’s 2019 Internet Security Threat Report revealed that one out of every 41 manufacturing employees had experienced a phishing attack. A vast majority of these attacks came in the form of malicious emails, which either asked for employees’ personal information or contained harmful malware. Other phishing emails were disguised as special offers or financial documents, making it challenging to implement a one-size-fits-all security policy.
- Provide all employees with cyber security training that includes phishing attacks.
- Keep all security software patched and up to date.
- Implement multi-factor authentication policies.
- Encourage employees to report suspicious emails.
2. Unsecured IoT devices
Internet of things technologies has revolutionized the manufacturing industry, enabling production facilities to monitor equipment performance and condition in real-time. However, installing a fleet of interconnected endpoints comes with a high degree of risk, mainly when proper vulnerability management guidelines are not followed. Most IoT devices come with default settings, including usernames and passwords, which can be easily cracked by cyber criminals. According to a NETSCOUT report, it takes roughly five minutes to breach an IoT device once it is connected to the internet. This reason is why these technologies should be a core part of every manufacturer’s security defenses.
One of IoT’s biggest threats to cyber security comes in the form of targeted malware. Research from SonicWall discovered that IoT malware attacks increased by 55% during the first three quarters of 2019. While malware as a whole is on a downward trend, cyber attacks against vulnerable endpoints is becoming a key challenge for manufacturers. Once a hacker has taken control over an IoT device, they can quickly add it to a massive botnet for use in large-scale distributed denial of service attacks. These attacks not only lead to costly disruption and unplanned downtime, but also force manufacturing firms to reinstall or replace infected equipment, leading to higher overhead costs.
- Updated login credentials for all IoT devices before deploying.
- Integrate threat detection and mitigation systems.
- Isolate IoT devices on a dedicated network.
- Conduct regular penetration testing.
3. DDoS attacks
Distributed denial of service (DDoS) attacks leverage infected systems to flood an organizations’ servers with more traffic than it can handle, forcing it to shut down completely. Although manufacturing firms are rarely the target of DDoS attacks, hijacking their equipment can also play a part in large-scale cybercrime operations. As a result, companies that fail to uphold best practices in cyber security and IoT device management can unknowingly aid in DDoS attacks against other commercial targets.
For example, a streaming service experienced a 13-day DDOS attack from a botnet that was “made up of 402,000 enslaved Internet-of-Things (IoT) devices” Future attacks may seek to infect environmental IoT sensors used at manufacturing plants, which will have an impact on productivity.
When endpoints are infected with malware and added to a botnet for use in DDoS attacks, they often experience prolonged performance issues. The resulting drop in productivity can lead to production delays and unexpected downtime that impacts manufacturers’ bottom lines.
- Deploy advanced intrusion prevention and threat management systems.
- Keep all internet-connected devices on a single, secured network.
- Regularly scan for device vulnerabilities and signs of malware.
- Integrate firewalls, VPNs, content filtering and load balancing where applicable.
4. Targeted ransomware attacks
Ransomware attacks rely on a unique form of malware designed to encrypt users’ files and operating systems, preventing them from completing critical work-related tasks. Once key workstations are locked down, cyber criminals request a ransom from their victims before restoring access to sensitive data. According to research from Kivu Consulting, the manufacturing industry spent more than any other sector on ransomware payments in 2019, totaling upwards of $6.9 million. One reason for this willingness to pay the ransom has to do with the urgency of modern production environments. Even a few hours of downtime can lead to severe delays and missed deadlines, which can put a strain on crucial business relationships. One study by Coveware found that ransomware-related downtime costs organizations $64,000 on average.
Protecting against ransomware attacks has proven to be an uphill battle, as new malware strains are continually released. Research from Coveware discovered that Ryuk ransomware is mainly responsible for the surge in payment costs. Hackers using this strain have demanded upwards of $288,000 per incident, which is much higher than other forms of ransomware. To stay one step ahead, manufacturers must incorporate advanced intrusion prevention and threat management systems into their broader security defenses.
- Avoid paying the ransom if at all possible.
- Keep all antivirus and firewalls up to date.
- Scan and filter all external emails before they reach end-users.
- Practice proactive data hygiene through regular backups and reviews.
Improving cyber security in manufacturing
The manufacturing industry faces some of the biggest threats to cyber security presently known to IT researchers, which is why business leaders must prioritize adaptable security defenses. From ransomware attacks to cloud security issues, there is no shortage of hacking methods that can cause significant disruption and financial loss. Developing a multi-pronged strategy is essential to mitigating cyber security threats, but finding the right balance of technology and policy-based controls can be difficult. That’s where Certitude Security can help.
As a proud supporter of American manufacturing, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for manufacturing businesses throughout the United States. If you are interested in learning about the empowerment services that Certitude Security® can offer, visit our website or coordinate a time to speak to a team member today.