As we turn the corner into a new decade, business leaders across industry lines have prioritized digital transformation and other tech-based innovations. However, as organizations become increasingly dependent on cutting-edge technologies, they also expand their attack surface.
Cyber security threats continually evolve, forcing companies to integrate various tools and internal policies to ward off cybercrime. Despite the pressing need for comprehensive security defenses, many organizations struggle to keep pace with emergent hacking methods and adapt to the shifting cyber-attack landscape.
Cybercriminals continuously develop strategies for infiltrating private networks, stealing sensitive data, and bringing critical infrastructure to a grinding halt. As a result, organizations have had to create flexible cyber security programs that can be adjusted when new risks are detected.
Since the biggest threats to cyber security change over time, researchers and IT administrators need to regularly review their policies and security tools. According to research from Accenture, the average cost of cybercrime for an organization increased by $1.4 million in 2019, which highlights just how financially devastating cyber attacks can be. But before we explore the biggest threats to cyber security in 2020 and beyond, it may be helpful to touch on which industries have become popular targets.
Which industries are the most significant security targets?
Every industry contends with a different level of cybercrime. While the attack methods are similar, the frequency and severity of security incidents vary. Research from the Infosec Institute found that the following industries are at the highest risk of large-scale cyber attacks:
- Health care: The health care industry is a popular target for hackers due to the amount of sensitive data it stores and processes through insurance. Patient records contain a wealth of personally identifiable information that can be used to commit fraud and identity theft. Due to this data’s value, health care organizations must adhere to security guidelines laid out by HIPAA. Despite these regulations, targeted attacks against care providers continue to skyrocket year over year. According to a 2019 report from Herjavec Group, roughly 93% of health care organizations have experienced a data breach in the last five years, with 57% reporting more than five security incidents during this timeframe.
- Financial services: Banking and financial institutions are common targets for malicious actors because of the daily volume of transactions. Unlike in the health care industry, hackers can leverage the sensitive data collected by banks for immediate returns. For example, targeted phishing attacks can allow hackers to control consumer bank accounts, giving them direct access to checking and savings funds. According to the previously mentioned Accenture study, banks stand to lose a projected $347 billion to cybercrime over the next five years.
- Manufacturing: The manufacturing industry has experienced a surge of targeted attacks over the past few years, leading to a complete reframing of security defenses in modern production environments. The highly connected nature of most manufacturing facilities makes them especially vulnerable to cyber attacks and data breaches. One survey by Deloitte found that nearly half of all polled manufacturing executives lack confidence in their ability to detect and mitigate cyber security threats. While this industry isn’t known for collecting sensitive data on consumers, it does possess valuable data. Manufacturing firms generate patents, process data, and other high-value intellectual property that is often sold on the dark web.
The biggest threats to cyber security in manufacturing
While the above industries represent the most lucrative targets for modern cybercriminals, cybercrime is a universal problem. The steps to prevent and respond to cyberattacks will vary based on the networking environment, data storage architecture, and other industry-specific factors. As manufacturing is considered one of the most vulnerable sectors in terms of cyber attacks, here is a list of the biggest threats to cyber security for companies in this industry, along with key recommendations to help alleviate these risks.
1. Phishing attacks
Social engineering is a potent tool in hackers’ arsenals, as it allows them to gain access to sensitive data and user profiles without the need for any technical know-how. According to a 2019 report from Proofpoint, manufacturing is one of the world’s most phished industries. Unlike other cyberattack methods, phishing relies on human error and a lack of cyber security training. Most phishing attacks seek to steal login credentials by imitating communications from legitimate sources. For example, an employee may receive an email that appears to come from their internal IT department asking for their username and password for some administrative purpose. If they were to send over their credentials, the hacker would gain access to critical infrastructure, business applications, data stores, and more.
In terms of specifics, Symantec’s 2019 Internet Security Threat Report revealed that one out of every 41 manufacturing employees had experienced a phishing attack. A vast majority of these attacks came in the form of malicious emails, which either asked for employees’ personal information or contained harmful malware. Other phishing emails were disguised as special offers or financial documents, making it challenging to implement a one-size-fits-all security policy.
Key recommendations:
- Provide all employees with cyber security training that includes phishing attacks.
- Keep all security software patched and up to date.
- Implement multi-factor authentication policies.
- Encourage employees to report suspicious emails.
2. Unsecured IoT devices
Internet of Things (IoT) technologies have revolutionized the manufacturing industry, enabling production facilities to monitor equipment performance and condition in real time. However, installing a fleet of interconnected endpoints is highly risky, particularly when proper vulnerability management guidelines are not followed. Most IoT devices come with default settings, including usernames and passwords, which cybercriminals can easily crack.
According to a NETSCOUT report, it takes roughly five minutes to breach an IoT device once it is connected to the Internet. This statistic is why these technologies should be a core focus of every manufacturer’s security defenses.
One of the most significant cyber security threats to IoT comes from targeted malware. Research from SonicWall discovered that IoT malware attacks increased by 55% during the first three quarters of 2019. While malware as a whole is on a downward trend, cyber attacks against vulnerable endpoints are becoming a key challenge for manufacturers. Once a hacker has taken control of an IoT device, they can quickly add it to a massive botnet for use in large-scale distributed denial of service attacks. These attacks not only lead to costly disruption and unplanned downtime but also force manufacturing firms to reinstall or replace infected equipment, leading to higher overhead costs.
Key recommendations:
- Update login credentials for all IoT devices before deploying.
- Integrate threat detection and mitigation systems.
- Isolate IoT devices on a dedicated network.
- Conduct regular penetration testing.
3. DDoS attacks
Distributed denial of service (DDoS) attacks leverage infected systems to flood an organization’s servers with more traffic than they can handle, forcing them to shut down completely. Although DDoS attacks rarely target manufacturing firms, their equipment can be hijacked and used as part of large-scale cybercrime operations. As a result, companies that fail to uphold best practices for cyber security and IoT device management can unknowingly aid in DDoS attacks against other commercial targets.
For example, a streaming service experienced a 13-day DDoS attack from a botnet that was “made up of 402,000 enslaved Internet-of-Things (IoT) devices.” Future attacks may seek to infect environmental IoT sensors used at manufacturing plants, which will have an impact on productivity.
When endpoints are infected with malware and added to a botnet for DDoS attacks, they often experience prolonged performance issues. The resulting drop in productivity can lead to production delays and unexpected downtime that impacts manufacturers’ bottom lines.
Key recommendations:
- Deploy advanced intrusion prevention and threat management systems.
- Keep all internet-connected devices on a single, secured network.
- Regularly scan for device vulnerabilities and signs of malware.
- Integrate firewalls, VPNs, content filtering, and load balancing where applicable.
4. Targeted ransomware attacks
Ransomware attacks rely on a unique form of malware designed to encrypt users’ files and operating systems, preventing them from completing critical work-related tasks. Once key workstations are locked down, cybercriminals request a ransom from their victims before restoring access to sensitive data. According to research from Kivu Consulting, the manufacturing industry spent more than any other sector on ransomware payments in 2019, totaling upwards of $6.9 million. One reason for this willingness to pay the ransom is the urgency of modern production environments. Even a few hours of downtime can lead to severe delays and missed deadlines, which can put a strain on crucial business relationships. One study by Coveware found that ransomware-related downtime costs organizations $64,000 on average.
Protecting against ransomware attacks has proven to be an uphill battle as new malware strains are continually released. Coveware discovered that Ryuk ransomware is mainly responsible for the surge in payment costs. Using this strain, hackers have demanded upwards of $288,000 per incident, which is much higher than other forms of ransomware. Manufacturers must incorporate advanced intrusion prevention and threat management systems into their broader security defenses to stay one step ahead.
Key recommendations:
- Avoid paying the ransom if at all possible.
- Keep all antivirus software and firewalls up to date.
- Scan and filter all external emails before they reach end-users.
- Practice proactive data hygiene through regular backups and reviews.
Improving cyber security in manufacturing
The manufacturing industry faces some of the biggest threats to cyber security presently known to IT researchers, which is why business leaders must prioritize adaptable security defenses. From ransomware attacks to cloud security issues, there is no shortage of hacking methods that can cause significant disruption and financial loss. Developing a multi-pronged strategy is essential to mitigating cyber security threats, but finding the right balance of technology and policy-based controls can be difficult. That’s where Certitude Security can help.
As a proud supporter of American companies, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for manufacturers and supply chains throughout the United States.
Problem discussions can be a defining moment in your career. If you are interested in value creation, learn about SPOT-Beam™ by Certitude Security®. We look forward to helping you and your business succeed!