Manufacturing companies are one of the most popular targets for cyber-criminals because of the sheer amount of classified information they hold. In fact, the recent IBM X-Force Research 2016 Cyber Security Intelligence Index found that the sector is the second most-attacked industry behind healthcare, with automotive manufacturers and chemical companies scoring as the top targets for attackers.
Hackers’ intentions can vary when targeting the industry, but the attacks are typically financially motivated and state-sponsored, occurring when government-funded organizations break into a network to steal intellectual property (IP) and trade secrets. These groups are some of the most sophisticated hackers, bringing a high level of expertise to bear on the companies they target. They seek extremely valuable IP to benefit the people of their country or, perhaps more commonly, for financial gain.
Tim Bandos, Director of Cybersecurity, Global Services, Digital Guardian, recommends that manufacturers have a vulnerability management plan in place and conduct ongoing vulnerability scans. These regular scans can help find unpatched systems and holes, which are often where hackers find their way in. In fact, most of these attackers are taking advantage of vulnerabilities that have been there for years.
Next, it’s highly critical to prioritise security awareness and promote it to all employees, from the C-suite to temporary hires and third-party contractors. Bandos says that almost half of attacks by state-sponsored groups are conducted via spearphishing – malicious emails that appear to be from an individual or business that you know, though they aren’t. Employees think the email is from a trusted source and click links within it, and a hacker has entry into the company’s network.
As employees get up to speed on cybersecurity, an incident response plan should also be in place. This plan should be ongoing and continuously tested, for maximum effectiveness when an incident does occur and organisations have to respond.
Lastly, organisations should harden the security configurations of systems and servers, including revoking privileged access to endpoints. Malware, for instance, requires administrative-level privileges to execute on machines. If an organisation took these administrative privileges away, nearly 90% of infections on machines would stop – all via one fairly simple fix.