Manufacturers’ ICS at high risk of cyber attack

Posted on 30 Sep 2017 by Michael Cruickshank

A new study has found that the Industrial Control Systems (ICS) used in the manufacturing sector are at high risk of cyber attack.

Industrial Control Systems are vulnerable to cyber attacks. Image courtesy of Wikipedia - Steag
Industrial Control Systems are vulnerable to cyber attacks. Image courtesy of Wikipedia – Steag.

The study, commissioned by cyber security company Kaspersky Lab, found that the manufacturing sector was the most susceptible of any business sector to cyber attacks.

Moreover, the study found that the manufacturing sector represented one-third of all attacks against ICSs globally.

Industrial control systems are networked computer systems which are used by a wide range to businesses to manage their infrastructure and machines, as well as keep tabs on their production and inventory.

As manufacturers move towards so-called ‘Industry 4.0’ standards and begin to use smart factories, this brings more of these ICS into contact with the outside internet.

These connections, while usually very beneficial for the manufacturing company, also leave their systems vulnerable to cyber threats, or spillover from larger globe-spanning malware outbreaks.

According to the study, the top three countries for these kinds of attacks on industrial computers were Vietnam, Algeria, and Morocco; manufacturing giant China came in fifth, with a rising number of systems affected.

“In the first half of the year we’ve seen how weakly protected industrial systems are – pretty much all of the affected industrial computers were infected accidentally and as the result of attacks targeted initially at home users and corporate networks,” said Evgeny Goncharov, head of critical infrastructure defense department at Kaspersky Lab.

Moreover, in only just over 20% of all cases that a cyber attack was attempted, did protective software manage to block the threat.

“Since we are already late with preventive measures, companies should think about proactive protective measures now to avoid ‘firefighting’ in future,” said Goncharov.

Cyber attacks cause real damage for manufactures

While in the past many manufacturing companies treated cyber attacks a mere nuisance, 2017 has proven that they can also inflict serious damage.

The so-called ‘WannaCry’ ransomware shut down many manufacturing plants as terminals were remotely encrypted and key data lost.

Most prominently an entire Honda automotive factory had to cease production due to this virus, causing likely millions of dollars of lost revenue.