FINAL WORD
Manufacturing: How
the industry can
improve its security
posture
Attacks on manufacturing organizations can be particularly
disruptive and, with the on-going convergence of IT and OT
systems, it’s critical that CIOs take steps to secure their critical
infrastructure. Vinod Kumar, CEO, Subex, tells us about the
challenges facing manufacturing firms and how they can get
ahead of attackers.
Can you tell us about some of the
unique cybersecurity challenges
facing manufacturing organizations?
Today, manufacturers are battling hackers
and disruptive actors at various levels. The
converged environment gives rise to OT,
IoT and IT threats but such convergence
of technologies also opens up more attack
vectors for hackers to exploit vulnerabilities
while giving rise to what we call hybrid risks.
This is a euphemism for threat actors using
a range of methods including a blend of
traditional and non-traditional approaches
to initiate a cyberattack. Also, malware
potency is increasing and hackers are using
persuasive messages in phishing emails to
cause a breach through insider activity.
Why is this industry so targeted?
The manufacturing sector represents the
lifeline of an economy. It is therefore high
on the agenda of state-backed hacker
constellations, also known as APT groups.
The supply chain element also plays a key
role as all these firms are relying on third
party contractors or subcontractors who
might not have the best security posture.
Manufacturing entities also hold plenty
of intellectual property – information of
commercial interest to various groups.
Manufacturers also want to avoid disruption
at any cost so they are ideal targets for
hackers who seek to monetize breaches
faster through ransomware. Our research
has shown that as much as 14% of all
stolen data on the Dark Web is connected
to the manufacturing sector. This indicates
the volume of breaches that have been
successful so far.
Can you tell us how the
threat landscape has changed
for this industry during the
COVID-19 pandemic?
The risks have increased and the threats
have multiplied. Today, we are amid what
we call the second wave of attacks linked
to the pandemic. Because of the confusion
and anxiety that characterised the first
few months, hackers were able to initiate a
co-ordinated campaign resulting in many
successful breaches through phishing
emails and those that exploited unsecured
home networks due to the prevalence of
work from home.
Simultaneously, we also saw an increase
in targeted cyberattacks and a spike in the
number of variants of previously detected
malware. This trend is yet to peak and attacks
may continue for a few more months.
How important is it for
manufacturers to strengthen
their cyberdefenses in light of the
COVID-19 pandemic?
The response to these attempts by
various hackers and agencies should be
proportionate to the deteriorating threat
82 INTELLIGENTCIO www.intelligentcio.com