By Gregory Hale
Manufacturing is in plain sight for bad guys planning a cyberattack or cyberespionage, a new report found.
And why not, for the most part manufacturing remains low hanging fruit for anyone wanting to get in and abscond with data, money, or intellectual property.
The scope and diversity of cyber threats to manufacturers have grown from Stuxnet or Shamoon-like attacks to the relatively frequent ransomware risks.
Beyond malware attacks on industrial firms, cyberattacks on manufacturers can include efforts to corrupt data, steal intellectual property, sabotage equipment, and disable networks. The motives and impacts vary widely, but all such cyberattacks cost time and money to firms and their customers. These growing cyberattacks pose increasing risks to economies and societies at large.
The report said there is a critical need for U.S. government and industry to build an effective cybersecurity framework to safeguard against a future major attack on the U.S. manufacturing industry.
The report, entitled “Cybersecurity for Manufacturers,” came from the Computing Research Association’s Computing Community Consortium (CCC) and MForesight, a federally-funded consortium for the U.S. manufacturing industry.
While cyberattacks still most often target high profile sectors such as financial services, public administration, and utilities, manufacturing as an industry is a significant target.
“In the past, the manufacturing sector has been concerned about cyberattacks that aim to extract intellectual property such as engineering information, formulas, or other proprietary data that might be the target of industrial espionage,” said Edgard Capdevielle, chief executive at Nozomi Networks. “However, recent attacks on a wide range of industries have raised concern about the resiliency and reliability of the supply chain that is critical to manufacturing operations and to other aspects of national security, such as military equipment and supplies. Now manufacturers have joined the ranks of other critical infrastructure industries taking steps to secure not only their intellectual property, but also their operational systems and industrial control systems (ICS) that comprise the foundation of production line operations. Leading edge companies are using technologies that apply artificial intelligence and machine learning for real-time detection and response to cyber-attacks. The frequency and sophistication of cyberattacks targeting manufacturing is likely to accelerate. Fortunately, the latest technological advances are giving manufacturers the tools to help detect and remediate their operations amid an escalating threat landscape.”
The scale and variety of cyberattacks on U.S. manufacturers have been growing in recent years and are quickly approaching a critical level.
The lack of recognition of the threat may represent the greatest risk of cybersecurity failure for U.S. manufacturers, since they are the targets of nearly half the known global cyberattacks on manufacturing, the report found.
Manufacturers are often the targets of cyber-espionage attacks that sought to steal intellectual property (IP) and trade secrets.
Citing research done by Symantec, the report found more than half of successful IP thefts involved state-affiliated actors, and 57 percent of these attacks had their origins in China—although detection of Chinese-origin malware has fallen following a 2015 cyber agreement signed between the United States and China.
There are no simple solutions, but the report discussed a few options:
• Manufacturers need trusted third-party partners, and there’s space for the creation of a new public-private partnership focused on manufacturing supply chain cybersecurity.
• Public and private partners can expand and coordinate manufacturing cybersecurity “boot camps” to boost awareness of best practices and train key manufacturing personnel to mitigate risks.
• There is a need for R&D investment in solving near-term security challenges and seizing opportunities, including: Automated risk assessment tools, tools to audit the extent of attacks, robust parts and data validation.
• There’s also need for long-term research investments like the creation of “security reference architectures” for manufacturing. This means working to define Information Technology and Operational Technology functions as well as consistent standards and integration requirements for diverse players and system “touchpoints.”
• Information-sharing matters. An Information Security Advisory Council (ISAC) or similar body could facilitate fault-free, anonymous sharing on incidents, threats, vulnerabilities, best practices, and solutions. Existing ISACs provide useful models.