Recently, the cybersecurity spotlight has been on manufacturing, and not for good reason. Manufacturing is the second most-targeted industry by cyber-attackers, and the most notorious hacks of 2021 happened in the manufacturing and critical infrastructure sector. The Colonial Pipeline and JBS hacks caught the attention of the entire country – not just because the companies were victims of cybercrime, but because the consequences of the cybercrime fell outside of the digital landscape: America experienced gas and fuel shortages as well as meat production delays and inflation due to the respective cyber-attacks.
Manufacturing organizations are often at high risk for a pretty simple reason: they have a lot to offer hackers. Between the real-world implications outlined above and the damage done from operational downtime, manufacturers can’t afford to spare time to respond to a data breach, meaning there’s even more incentive to pay ransoms and acquiesce to hackers immediately. As a result, ransomware payouts in the manufacturing industry average higher than in any other industry. Yet, there’s another culprit that makes manufacturers even more appealing to hackers: remote access.
Remote Access in Manufacturing
Manufacturers use thousands of third parties to run daily operations. Even something as simple as operating a forklift may require a third-party vendor. This amount of third-party access creates tons of gaps in security that malicious hackers are all too happy to exploit.
Going back just five to ten years, manufacturing organizations relied on physical security to protect industrial control systems, critical data, operational technology, and applications. Oftentimes, protecting these systems meant locks on doors, keycards, security cameras, and security guards. Today, almost everywhere, that traditional physical security now has to be supplemented by a cybersecurity implementation that’s just as robust. Keeping out malicious parties, like hackers, is both a physical and digital challenge.
Remote access, by nature, is external access that’s necessary for the support of the manufacturer. Each instance of remote access is the digital equivalent of handing out a keycard that lets someone into one of these critical environments. Since manufacturers use hundreds and potentially thousands of third parties, that means hundreds and potentially thousands of keys are being handed out. Unless proper controls are in place, each of these instances creates a new opportunity for a hacker to find their way into the environment. As the need for remote access rises and the number of users increases, hackers also have a higher chance of finding the loose ends (such as shared credentials, simple passwords, a lack of MFA, or overly broad access) and getting where they want to be due to privileged access that third parties often require.
How to Patch Remote Access Vulnerabilities
Remote access is unavoidable for manufacturers. In the age of smart factories and the fourth industrial revolution, decentralized workforces and remote access are now commonplace. Third parties are needed for manufacturers and critical infrastructure organizations to stay afloat. But that doesn’t mean you can’t patch the holes and vulnerabilities of remote access to minimize the number of threats.
- Expect the worst. You need to realize that you are inherently at risk. First, you’re in manufacturing – the second most targeted industry by hackers, as previously stated. Second, you use third parties, who are responsible for over half of data breaches. Third, the rate of hacking methods like ransomware is only increasing. Finally, the old ‘it’s never going to happen to me’ mentality is hurting organizations because they’re neglecting to accept the reality of the threat landscape and build security structures that will protect them. Don’t have this mindset – have a mind shift and realize you’re under attack. Read more:https://bit.ly/38yFZxS
You can also read this: Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families