
4/20/2016
04:45 PM

Manufacturers Suffer Increase In Cyberattacks

Cyberattacks on manufacturing companies are on the rise as attackers attempt to steal valuable intellectual property and information.

The manufacturing sector is now one of the most frequently hacked industries, second only to healthcare, a new report says.

Healthcare, which has a wealth of exploitable information within electronic records, moved into the top spot of the rankings, replacing financial services, which dropped to third place in IBM X-Force Research’s new 2016 Cyber Security Intelligence Index. Manufacturing rose from third place in last year’s report, which offers a high-level overview of the major threats to IBM’s clients' businesses worldwide over the past year.

Manufacturing includes automotive, electronics, textile, and pharmaceutical companies. Automotive manufacturers were the top targeted manufacturing sub-industry, accounting for almost 30% of the total attacks against the manufacturing industry in 2015. Chemical manufacturers were the second-most targeted sub-industry in 2015, according to IBM.

Many attackers are financially motivated and therefore are more likely to go after corporate networks where they could steal potentially valuable intellectual property or sensitive information, says John Kuhn, senior threat researcher with IBM X-Force. 

Meanwhile, The 2016 Manufacturing Report by professional services firm Sikich also reports a rise in attacks on the manufacturing sector -- with theft of intellectual property as a primary motive.

“The FBI estimated that $400 billion of intellectual property is leaving the US each year because of cyberattacks” and nation-state actors and other adversaries are starting to target manufacturing companies for this information, says Brad Lutgen, a partner in Sikich’s compliance and security practice.

Many manufacturing companies are behind the curve in security because they have not been held to compliance standards like financial services has, with the Payment Card Industry Data Security Standards and The Gramm-Leach-Bliley Act, or in the case of the healthcare industry, with the Health Insurance Portability and Accountability Act, Lutgen says. “Because of that, they [manufacturers] tend to be a little laxer with security in terms of some other industry verticals.”

As a result, there is a lack of adoption of key information security practices that have become standardized procedures across most industry verticals, Lutgen says. For example, only 33% of survey respondents indicated that their organizations were performing annual penetration testing within their IT groups.

Heartbleed, SQL Injection Leading Forms Of Attack

Manufacturers appear to be vulnerable to older attacks, such as Heartbleed and Shellshock. SQL injection is another prominent form of attack being waged against manufacturers, IBM’s Kuhn says. “Those [types of attacks] happened in volume” last year, he says. The Heartbleed bug is a serious vulnerability found in the OpenSSL cryptographic library that allows attackers to eavesdrop on communications, steal data directly from services and users, and impersonate services and users.

Attackers also targeted manufacturing companies’ enterprise servers via spearphishing schemes to lure employees to malicious websites, Kuhn says.


Manufacturing companies are starting to fortify their networks and corporate systems, Kuhn says, but their industrial control systems also pose a challenge. ICS systems might run a copy of Microsoft Windows or Unix that was issued ten years ago, so they can’t necessarily update it without the change causing an equipment failure, according to Kuhn. 

“When you talk about this industrial control space, it gets into a doomsday thing. It [an attack] might shut down a water plant or a nuclear plant. They are hard to defend,” Kuhn says. 

Take the proliferation of ransomware. What if an attacker deploys ransomware to lock down manufacturing computers and says, “pay the ransom or you won’t be able to manufacture your products?” These are all things to consider, he says. “So there is a lot of work to do in the manufacturing industry to shore up their defenses for industrial control systems and corporate networks.”

Defensive Strategies

Sikich’s report offers manufacturers some advice about how to mitigate threats:

  • Conduct an annual IT risk assessment to properly understand where threats are originating from.
  • Perform annual penetration tests to simulate the threat of someone trying to break into your organization’s network.
  • Conduct ongoing vulnerability scanning throughout the year to help the organization stay up-to-date with new threats.


Rutrell Yasin has more than 30 years of experience writing about the application of information technology in business and government. He has witnessed all of the major transformations in computing over the last three decades, covering the rise, death, and resurrection of the ...
