Countering the Threat of Cybercrime

Posted on 30 Oct 2017 by The Manufacturer

New technology promises to eliminate many of the inefficiencies of modern manufacturing, but it also opens up the threat of cybercrime.

Anything connected to the Internet can be discovered and potentially infiltrated by a hacker - image courtesy of Cigital. Marketing
Anything connected to the Internet can be discovered and potentially infiltrated by a hacker – image courtesy of Cigital.

Technology promises to eliminate many of the inefficiencies of modern manufacturing through innovations such as sensors, which enable machines in a production line to speak to one another, ensuring they are all performing at an optimum level. Such systems will ensure that waste and downtime are kept to a minimum, but unless robust security safeguards are built-in, they could provide lucrative new opportunities for cybercriminals.

Valuable Assets

The annual cost of cybercrime to business is rising and will reach an estimated $6 trillion per year by 2021. After the healthcare sector, manufacturing companies are the most common targets of such attacks.
While banks and other financial institutions tend to have their accounts raided for the cash they contain, and healthcare providers have the private records of their patients held to ransom, manufacturers who become victims of cybercrime are usually targeted for the intellectual property they hold in the form of designs, formulas and patents.

In some cases, such information may be sought for pure financial gain, but it can also end up in the hands of rival companies who wish to improve their own product lines by uncovering the secret processes employed by others. Earlier this year, ThyssenKrupp, a major German steel supplier, revealed that some of its trade secrets had been stolen during a “professional” cyberattack.

Sabotage

Attacks may also be launched against the IT network of a company itself as a form of industrial sabotage. If, for example, a robot on an assembly line were reprogrammed to change the size of a single crucial component, production could be compromised for days or weeks at a time. The cost could run into thousands of dollars and, depending on the product being manufactured and the delay in uncovering the problem, could even compromise the safety of members of the public.

Should the worst happen, identifying where and when the security breach took place is essential. Depending on the complexity of your IT infrastructure, extracting all the relevant information may be far from easy as many such attacks are not discovered for weeks or even months after they have taken place.
In order to identify the perpetrator, let alone mount a lawsuit against an individual or another company, you’ll first need to employ a reputable firm to provide an electronic data discovery service to ensure you have access to all the necessary proof and documentation to take action.

Protection

Although it can be tempting to bury your head in the sand and simply hope it never happens to you, the increasing prevalence of cybercrime means it’s more likely to be a case of when rather than if. Having an action plan in place ahead of time is one of the best ways of ensuring any losses your company suffers are kept to a minimum.
One technique is to use a process security professionals call “threat modeling” which entails looking at your company from an outsider’s point of view, identifying the intellectual property most likely to be targeted in a cyberattack and then adding as much protection as possible to ensure any attack is unlikely to succeed.