Article by Mark Sinclair, ANZ Regional Director, WatchGuard Technologies
Australian manufacturing companies are currently grappling with a raft of challenges. Pandemic shutdowns, changing customer demands, and supply chain disruptions are combining to create an economic ‘perfect storm’.
Increasingly, manufacturers are also having to contend with another challenge that threatens to cause widespread interruptions and financial loss: cyberattacks. Armed with increasingly sophisticated tools and techniques, cybercriminals are targeting manufacturers of all sizes with many becoming unwitting victims.
Manufacturers are attractive targets for cybercriminals for a range of different reasons. Many have enticing stores of intellectual property that can be readily sold on the black market. This could be anything from details of planned new products to market research into new consumer trends.
At the same time, criminals using ransomware techniques are drawn by the ability they have to cause costly disruptions to production lines. They figure a company is likely to pay a ransom to have their systems unlocked rather than face an extended period of downtime.
The increasing adoption of operational technologies (OT) and Internet of Things (IoT) has also led to manufacturing companies becoming more digitally connected and therefore more vulnerable to external cyberattacks.
In some cases, older systems are being connected to networks despite the fact that they lack sufficient security features. This can provide another channel for cybercriminals to gain access to the company’s core IT infrastructure from where they can mount an attack.
There are a range of steps manufacturers can take to reduce the likelihood they will fall victim to a cyberattack. Those steps include:
- Automate security analysis: Automating the task of security monitoring and threat analysis through the deployment of tools gives a manufacturing company the ability to be alerted to attacks and take the steps necessary to ensure their infrastructure remains safe and secure. Automation is the only way to be able to keep up in a constantly evolving threat landscape.
- Block phishing attempts: Make use of DNS filtering tools to prevent employees from visiting potentially malicious sites or receiving infected emails from unintended sources. Careful examination of DNS records is a good way to significantly reduce the chance that a phishing attack will be successful.
- Inspect encrypted traffic: More than 80% of a company’s digital traffic is now occurring over encrypted channels. Unfortunately, industry research shows that 50% of phishing attackers use HTTPs to hide their attacks. In this way they can use known malware payloads but simply hide them within an encrypted data stream. Visibility into the traffic is critical. Use tools that can decrypt HTTPs traffic, examine it, and then re-encrypt it with a new digital certificate.
- Deploy layered security: Effective IT security cannot be achieved with a single product or tool. For this reason, it is important to have multiple layers of security in place to guard against and identify attacks. Also, operational technology and Internet of Things networks should be kept separate from other IT resources.
- Extend secure access: Manufacturers rely on a distributed ecosystem of staff, partners, contractors, suppliers, and customers. All need varying levels of access to the manufacturer’s IT systems and therefore pose a potential risk. By taking advantage of single sign-on techniques, these risks can be lowered by minimising the burden of multiple passwords and ensuring parties can only access the resources that they require. Consider also making use of multi-factor authentication tools to further strengthen security.
- Establish a trusted wireless environment: As the number of wireless devices within factories and warehouses continues to climb, manufacturers increasingly need a secure network through which they can connect. This network should be separated from existing Wi-Fi networks used in office areas and from public Wi-Fi networks used by visitors. In this way, production devices will be shielded from a range of threats including rogue access points, ad-hoc connections, and misconfigured hardware.
- Use rugged security in harsh environments: Many factories have environments that are not suited to IT hardware that was designed to work in offices or computer rooms. Choose components that have been designed specifically to work in such harsh environments and can reliably provide the level of security required.
By following these steps, manufacturing companies can be confident they are best placed to withstand the constant threat of cyberattack. Valuable intellectual property can be protected and vital production equipment can operate without disruption.