Manufacturing Industries – The New Ransomware Target
“A few cases of mixup of manufacturing industries and security vulnerabilities have been seen, this clearly states that cyberattacks are going to be increase”
Ransomware has become a significant threat to the manufacturing industry as certain groups of hackers have increasingly started showing an interest in targeting the economic control systems (ICS) that manages all the operations.
According to a study done by cybersecurity researchers at security company Dragos, the number of publicly recorded ransomware attacks targeting the manufacturing plants has tripled within the last year alone.
While plenty of production relies on traditional IT, some elements of manufacturing relies on ICS when mass-producing products — which could be a neighborhood that several hacking groups are actively looking to focus on.
That’s a reason to worry because the interconnected nature of the manufacturing supply means if one factory gets taken down by a cyberattack, it could have wide-ranging consequences for others as well.
For example, if a producing facility that mass produces medicines or other health products was hit by a ransomware attack that might have knock-on impacts for the healthcare sector as an entire.
It’s this level of threat that has led cybersecurity researchers at Dragos to clarify ransomware with the facility to disrupt industrial processes because the “biggest threat” to manufacturing operations — and a minimum of 5 hacking groups are actively targeting or demonstrating interest in manufacturing.
For cyber criminals, manufacturing makes a highly strategic target because in many cases these are operations that can’t afford to be out of action for an extended period of some time , in order that they might be more likely to offer in to the stress of the attackers and pay many thousands of dollars in bitcoin in exchange for getting the network back.
Manufacturing industries require remarkable uptime to fulfil the requirements of the productions and any cyberattack that causes downtime can cost a loss of a huge amount of cash. Thus, they’ll be more inclined towards paying attackers, security analyst for Dragos told in an interview.
The nature of manufacturing means industrial and networking assets are often exposed to the online , providing avenues for hacking groups and ransomware gangs to understand access to the networks via remote accessing, using technologies like remote desktop protocol (RDP) and VPN services or vulnerabilities in unpatched systems.
As of October 2020, the company said there are a minimum of 108 advisories containing 262 vulnerabilities impacting industrial equipment found in manufacturing industries environments during the course of this year alone, many of which have potentially left networks vulnerable to ransomware and other kinds of cyberattack.
Unfortunately, unpatched vulnerabilities which can enable initial access will always be a drag. Testing and applying patches as soon as possible/practicable is an extremely important step for preventing exploitations.
Cyber criminals are deploying ransomware because it’s often the quickest and simplest way to make money from compromising an outsized network.
But by gaining enough control of the network to deploy ransomware, hackers will often even be able to access property and sensitive data that also resides within the network.
That could potentially cause hacking groups using ransomware as a smokescreen for cyberattack designed to steal property, which could be extremely damaging to victims within the top of the day. .
That means taking steps like conducting regular architecture reviews to identify assets, ensuring devices and services are maintained thus far, and conducting, “crown jewel analysis” to identify potential weaknesses that would disrupt business continuity.