While manufacturers are not necessarily easier targets than peers in other industry sectors, it is clear that today's hackers recognize the growing value associated with attacking industrial organizations. Unfortunately, the stats show it. According to a recent Digital Shadows report that examined ransomware attacks in 2020, the industrial good sector accounted for 29%.
And, unfortunately, the list of industrial companies publicly acknowledging attacks or data leaks continues to grow including Palfinger, Foxconn, Steelcase, Nissan, Solarwinds, KYB Corp., CMA CGM, Tesla and Honda. Admittedly, the growing number of organizations suffering from cyber concerns is mind boggling.
“Unfortunately, this is a trend we’ve been tracking for a while. OT Systems are the crown jewels for organizations and threat actors are going after them. Making matters worse – more OT-related common vulnerabilities and exposures (CVEs) were reported last year than ever before. The days when threats to industrial networks were few and far between and often attributed to nation-state actors are clearly behind us,” says Andrea Carcano, co-founder of Nozomi Networks. “As IT, OT and IoT worlds converge, threat actors of all types are setting their sights on higher value targets, leaving security organizations scrambling to keep up. The good news is security professionals are no longer taking these threats lightly.”
According to Carcano, a recent Gartner survey found operational risk management is now the top priority for security risk managers, and industrial organizations are stepping up their security. “It’s a challenging task, but not impossible,” he says. “We know from working with thousands of industrial installations that you can monitor and mitigate these risks, and a new generation of IoT and cloud-scale solutions are making it easier than ever to scale quickly while minimizing complexity and cost.”
Turning the tide
It’s not too late for manufacturers to take action. Industrial manufacturers, including chemical, pharma, food and beverage, and automotive sectors, need to transform their approach to network security in order to stay one step ahead of the ransomware curve, Carcano tells IndustryWeek, while also providing three steps to help improve operational resiliency and defend operations against attack:
1.Adopt a cybersecurity framework.
Armed with cybersecurity best practices and the right technology, companies can protect their production, people, and reputation, while preserving the bottom line. Top manufacturers are researching and selecting a cybersecurity framework to follow, such as IEC 62443, NIST, or NIS. These frameworks offer guidelines for cybersecurity best practices and tools for facilitating their implementation. From an accurate asset inventory to identifying potential threats, manufacturers can follow industry guidelines and best practices to attain next-level cybersecurity resiliency.
2. Improve Network and Operational Visibility
If the IT/OT team doesn’t know what devices they have on their network, they can’t protect their assets or segment the network for better resiliency. It’s not uncommon for manufacturers to think that they have 5,000 devices, when the number is more like 10,000. By inventorying all assets on your network, you can achieve real-time visibility into your devices, connections, communications, and protocols. This allows you to continuously monitor, spot and troubleshoot networking and communication issues that threaten reliability. System deviations are often the first sign of a network attack.
3. Integrate Your OT and IT network security
OT knows how to meet production targets and keep the plant running. IT has the expertise to address networking and cybersecurity issues that are unfamiliar to ICS staff. When IT and OT work together, we see stronger operational resiliency. Unfortunately, oversight of OT security is still often quite fragmented. Collaboration between IT and OT is critical to reducing the blind spots and security risks surrounding highly connected industrial control systems.
"By adopting a cybersecurity framework, improving asset visibility, and driving IT/OT convergence, the industrial sector can greatly improve operational resiliency and better defend against today’s sophisticated ransomware attacks,” says Carcano.