Improving cyber resiliency in manufacturing

Posted on 8 Jul 2022 by The Manufacturer

Jeremy Hendy, CEO of Skurio – the Digital Risk Protection specialist – looks at the barriers to combating escalating cyber crime and how manufacturers can address them. Drawing on valuable insights from Skurio’s research, he looks at the biggest cyber threats businesses need to be aware of and some practical risk management steps to take.

The cyber security reality check – it CAN happen to you

At the end of 2021, it was estimated that cyber attacks cost the global economy a staggering $6 trillion. This could escalate to $10.5 trillion by 2025 according to Cybersecurity Ventures. Cyber crime has accelerated since the beginning of the pandemic, with hackers quick to exploit the growth in home working practices. Two years on, working patterns have changed and some employees in the manufacturing industry continue to work hybrid patterns.  It’s vital that manufacturers move cyber security from what may have been ‘left of stage’ to centre stage.

There is still a belief held by UK SMEs – not just those operating in the manufacturing industry – that cyber attacks are predominantly directed at the largest enterprises. In truth, small and mid-sized organisations are now prime targets for many cyber criminals.  Partly because their defences are less well developed, but automation of attacks makes it easier to target at scale.

There is also a misconception that threat actors prefer to target businesses in the financial services or healthcare industry for example.  Yet, according to NTT’s 2021 Global Threat Intelligence Report (GTIR),  the manufacturing industry moved from the 8th most targeted industry by cyber attackers to number 2 last year.  This represented a 300% leap in a single year and they are now only behind the finance and insurance sectors. This is not surprising, since many cyber criminals are eager to get intelligence on new products and technology as well as confidential prototypes and design.  Extended supply chains also add to their security challenges.

Addressing the barriers to combatting cyber crime

Combatting cyber crime, particularly with increasingly sophisticated tactics of cyber criminals – is no mean feat. Stereotypes of the lone twenty-something huddled over a computer are long outdated. Today’s hackers are well funded and are increasingly a cog in a much bigger criminal operation.

According to Skurio’s research, the most common reasons preventing manufacturers from protecting against new cyber threats include insufficient resources, lack of in-house expertise, as well as insufficient funds for new staff, technology or outsourcing. There is also a need for greater awareness of the cyber threat landscape.  Some even believe there is no need to invest in additional cyber security. Others are acutely aware that there are still gaps in their Digital Risk Protection.

Antivirus isn’t enough anymore

Skurio’s research also reveals that most businesses now have some form of Digital Risk Protection (DRP) in place, however, this is typically delivered via supplementary features in solutions such as Microsoft 365, password management and antivirus software. Unsurprisingly over 60% of organisations admit they are not well or fully protected against threats from data breaches from their own network, employees using third-party apps or third-party suppliers.

Know your cyber threat landscape

It’s vital that manufacturing companies understand the cyber threat landscape because the reality is cyber crime activity across the surface, deep and Dark Web is escalating.

With manufacturers under pressure to maintain supply chains over the last two years, they are also facing increased targeting from ransomware actors. According to IBM’s  X-Force Threat Intelligence Index  2022,  the manufacturing sector dealt with more incidents than any other industry. An attack on any business in a supply chain can have a ripple effect on the whole chain. The report found that 47% of attacks on manufacturing succeeded through vulnerability exploitation, highlighting the need for organizations to prioritise vulnerability management.

Top cyber security tips: What can your business do to get ahead of cyber criminals?

As a starting point

  • Develop a robust cyber security strategy that takes industry factors into account.
  • All staff should receive regular cyber security awareness training.
  • Your business may be too small to justify a full-time cyber specialist, but make sure someone is responsible for cyber security or look to outsource your requirements. Managed security service providers recognise that small businesses don’t have huge budgets and can provide cost-effective solutions.
  • Remote working offers many benefits but increases digital risk. You can lower this risk by employing a ‘least privilege’ access policy and introducing a robust backup and disaster recovery plan.
  • Employees and contractors should have strong, unique passwords for each application, ideally using a password management tool.
  • Use Multi-Factor Authentication (MFA) wherever possible to avoid unauthorised system access.
  • Consider taking out cyber insurance and undertake regular security risk assessments.
  • Timely updates of security patches on computers are becoming even more crucial to protect systems. This is one of the most efficient and cost-effective steps an organisation can take to minimise its exposure to cyber security threats.

Take control of threats on the Dark Web

Introduce a Dark Web monitoring service through a managed service provider or specialist solution. This will alert you if your data is offered for sale or your business is mentioned by hackers or ransomware gangs. Using an automated tool is the safest, most efficient way to do this. Manual research requires skilled and experienced staff and runs the danger of detection by criminals or inadvertently downloading malware.

Malicious Domains and Typosquatting

Be proactive to identify fraudulent web addresses mimicking your corporate sites. If a suspicious domain is identified, you will need to establish if a website or mail service has been set up. The domain can be used for phishing campaigns even if no site is present. Takedowns can be a challenge because scammers use GDPR to retain anonymity and removals require justification; typically using trademark or copyright infringement, or evidence of illegal activity. Using a specialist service is advisable.

On third-party breaches

  • Early detection of breached customer data is critical when using third-party suppliers because data protection remains your responsibility. You should continuously monitor for your data appearing outside your company’s network.
  • Ensure third-party network access is restricted to the absolute minimum necessary for their role, which will minimise the damage an attacker can do by compromising them. Strict processes should be in place around sending sensitive files externally to reduce the risk of copied datasets being leaked.
  • Take control. An effective method is to tag datasets with a type of digital watermarking known as a ‘breachmarker’. This takes the form of a unique, synthetic identity placed into the dataset. Because it doesn’t exist elsewhere, you know for certain your data has been breached if it ever shows up.
  • Continuous, automated monitoring can then be deployed to constantly scan for this marker. If a threat actor posts the dataset for sale on a Dark Web forum or dumps it on a Pastebin site, the monitoring system will detect it. You will be sure which dataset has been involved, so you can swiftly and accurately notify those affected and take steps to try to have the data taken down.

About the author

Jeremy Hendy

Jeremy Hendy is the Chief Executive Officer at Skurio. Jeremy has more than 30 years’ experience in high technology industries, working at companies including Texas Instruments, Symbionics and Cadence. Prior to joining Skurio in 2016, Jeremy was VP of sales and marketing at Cambridge-based Nujira. Jeremy holds a degree in electronic engineering from the University of Liverpool.