May 7, 2021

Manufacturers Need an Active Cybersecurity Posture

Andrew Homer
6 min
Cybersecurity | Industrial Cybersecurity | Technology | Digital Factory | Smart Manufacturing
To protect manufacturers’ IP from cyberattacks, Andrew Homer, VP of Security Strategy at Morphisec explains why an active cybersecurity posture is Ne...

As cyber attackers continue to exploit the security gaps created by COVID-19, enterprises worldwide are on high alert as government warnings roll in and attacks dominate news cycles. As the fallout from the SolarWinds attack has illustrated, even applications that companies use day-to-day can be turned into malicious programs by nefarious actors. And for the manufacturing industry that’s already dealing with downward pressure on demand, production, and revenue, they most certainly have not escaped these vicious cybersecurity threats.

In fact, with the FBI’s Cyber Division reporting that the number of reported cyberattacks catapulted by 400% to 4,000 attacks per day during the height of the pandemic, manufacturers have unfortunately been a tasty target. Furthermore, last year, the Manufacturers Alliance for Productivity & Innovation (MAPI) released a report with Deloitte that found 40% of manufacturers were victims of a cyberattack in the past 12 months. Worse yet, the economic impact of attacks are increasing as malicious parties targeting the manufacturing industry target intellectual property. In fact, the cost of each breach for manufacturers is now greater than $1M according to MAPI. 

But even coming off cybersecurity awareness month, manufacturing companies facing significant pressure to kickstart economic recovery could face the most sophisticated cyber threats they’ve seen to date. 

Placed Under Siege by State-Sponsored Attackers

Accounting for about a tenth of the U.S. GDP and employing more than 15M people, there’s no doubting the role that the manufacturing industry plays in the national economy's success. In fact, analysts at Goldman Sachs have gone on record to opine that the U.S. is over-reliant on its output for economic growth. But for state-sponsored cyber attackers looking to probe national vulnerabilities, gather intelligence, and exploit money, they have a lot to gain by infiltrating an industry with critical IP. So as we continue to reel from the fallout of COVID-19, it’s hardly a surprise that we’re seeing an uptick in activity from these types of threat actors. 

As far back as April of last year, for instance, when the extremity of this virus was being realized and millions of Americans were in the early stages of an unprecedented work-from-home experiment, Google reported that it had detected more than 12 state-sponsored hacking groups using the pandemic as a way to craft phishing emails and attempt to distribute malware. This resulted in the United States government issuing an advisory to all businesses directly involved in the country’s Coronavirus response to beware of attack. As many facilities battled tremendous surges in workload and demand, this included companies manufacturing vital PPE gear and other healthcare supplies. Of course, these facilities were also fighting wide-scale disruptions in their global supply chain of materials, something both online criminals and nation-backed hackers sought to take advantage of, and it worked. Now, researchers say that manufacturers have already experienced an 11% increase in attacks and intrusions on their networks in 2020 than all of 2019.

But with the entire U.S. on high alert, how do these bad actors still manage to bypass detection? Sophisticated cyber attackers are increasingly using behavior analysis of defense systems to introduce noise and decrease the confidence of newer machine learning defenses, while also capitalizing on whitelisting by utilizing legitimate applications to execute malicious code. 

For example, Deloitte highlighted a multinational engineering and electronics firm targeted by attackers that infected removable media such as USB devices. Once the infected device was connected to its plant’s internal network, the advanced malware was automatically deployed -- grabbing control of the plant and running commands to influence its supervisory control and data acquisition (SCADA) systems. This type of attack targeted high-value infrastructure to cause widespread damage to the organization and even an entire nation. Therefore, the level of complexity, sophistication, and funding needed for this type of attack suggests that the bad actors were likely state-sponsored. 

But the truth is, as with all industries forced into remote work environments due to COVID-19, they’ve simply become easier targets for cybercriminals. 

Critical Gaps Exposed by Remote IT Team

Even the largest manufacturing companies have limited IT resources and security teams. But with these assets moving to remote environments since the onset of COVID-19, security setups that rely on detection-based solutions have been further complicated -- something attackers have been taking note of since February. And as a result, IT teams are under immense pressure to protect their organizations from attack. Yet, research studies conducted throughout the pandemic have highlighted just how difficult this is, with most employees working from their unprotected personal laptops.

In fact, one such study found that 56% of workers have been using their personal computers while working remotely, and 23% admitted that they didn’t even know what security protocols were installed on their devices. These statistics are sure to make hackers’ mouths water as they set their sights on stealing valuable IP.

And as the threat of COVID-19 fails to slow down and many employees remain remote, we can expect to see more businesses fall victim to attack and the cost per breach rise across the country. That is, of course, unless these enterprises embrace proactive cyber defenses that quash hackers before they have the chance to infiltrate systems. 

Protecting IP With Active Cyber Defenses

Regardless of external factors and economic conditions, it is difficult to secure legacy systems, valuable IP and customer data connected to modern applications and even third-party systems, making manufacturers extremely attractive targets. But as we’ve already mentioned, the good news is that most cyberattacks are preventable. Of course, basic security hygiene measures, such as enabling two-factor identification, are essential. 

However, deploying more active defense mechanisms has also proven vital as threat actors become more sophisticated. The U.S. Department of Defense defines active defense as “The employment of limited offensive action and counterattacks to deny a contested area or position to the enemy.” In cybersecurity environments, active protection can take on the shape of basic cyber defensive capabilities to cyber deception and adversary engagement operations. The combination of these defenses allows an organization to counter current attacks and learn more about that adversary, and better prepare for new attacks in the future.

One example of deception technology is moving target defense, which is increasingly being used by high-risk organizations like DHS that provide end-to-end protection against the most damaging attacks. Moving target defense disables attackers from being able to accurately identify the resources they need to leverage to evade manufacturer’s current defenses, and guard businesses’ critical systems from the most sophisticated Zero-day info-stealers used by nation-state actors by scrambling the locations of all memory without any human management. 

Moving target defense is undoubtedly tailor-made for this unparalleled environment where hackers are unrelentingly punishing those with even the slightest security gaps. By utilizing these proactive defense forms, manufacturers can protect themselves from in-memory exploits, new zero-days, fileless attacks, and evasive malware. And as we expect these types of attacks to proliferate in the coming months as the U.S. political and economic landscape heats up, manufacturers can rest assured that they’ve bolstered their focus on effective, enduring endpoint security strategies, and thus, mitigated the risk of vicious state-sponsored attacks stealing IP and disrupting operations. 

Share article

Jun 8, 2021

IMF: Variants Can Still Hurt Manufacturing Recovery

Elise Leise
3 min
The International Monetary Fund (IMF) claims that while markets are rising and manufacturing is coming back, it’ll push for global immunisation

After a year of on-and-off manufacturing in the US, UK, and the eurozone, demand for goods surged early last week. Factories set growth records in April and May, suppliers started to recover, and US crude hit its highest price point since pre-COVID. As vaccination efforts immunise much of the US and UK populations, manufacturers are now able to fully ramp up their supply chains. In fact, GDP growth could approach double-digits by 2022

Now, the ISM productivity measure has surpassed the 50-point mark that separates industry expansion from contraction. Since U.S. president Biden passed his US$1.9tn stimulus package and the UK purchasing managers index (PMI) increased to 65.6, both sides of the Atlantic are facing a much-welcomed manufacturing recovery. 

Lingering Concerns Over COVID

Even as Spain, France, Italy, and Germany race to catch up, and mining companies pushed the FTSE 100 index of list shares to a monthly high of 7,129, some say that UK and US markets still suffer from a lack of confidence in raw material supplies. Yes, the Dow Jones has made up its 19,173-point crash of March 2020, and MSCI’s global stock index is at an all-time high. 

Yet manufacturers around the world realise that these wins will be short-lived until pandemic supply chain bottlenecks are solved. If we keep the status quo, consumers will pay the price. In April, inflation in Germany reached 2.4%, and across the EU’s 19 member countries, overall prices have increased at an unusual pace. Some ask: Is this true recovery? 

IMF: Current Boom Could Falter

Even as Elon Musk tweeted about chip shortages forcing Tesla to raise its prices, UK mining demand skyrocketed; housing markets lifted; and the pound sterling gained value. The International Monetary Fund (IMF), however, cautioned that manufacturing recovery won’t last long if COVID mutates into forms our vaccinations can’t touch. Kristalina Georgieva, Washington’s IMF director, noted that fewer than 1% of African citizens have been vaccinated: “Worldwide access to vaccines offers the best hope for stopping the coronavirus pandemic, saving lives, and securing a broad-based economic recovery”. 

Across the globe, manufacturing companies are keeping a watchful eye on new developments in the spread of COVID. Though US FDA officials don’t think we’ll have to “start at square one” with new vaccines, the March 2021 World Economic Outlook states that “high uncertainty” surrounds the projected 6% global growth. Continued manufacturing success will in large part depend on “the path of the pandemic, the effectiveness of policy support, and the evolution of financial conditions”. 

Mathias Cormann, secretary-general of the Organisation for Economic Co-Operation and Development (OECD) concurred—without global immunisation, the estimated economic boom expected by 2025 could go kaput. “We need to...pursue an all-out effort to reach the entire world population”, Australia’s finance minister added. US$50bn to end COVID across the world, they imply, is a small investment to restart our economies.

Share article