Connect with us

HRTech

Manufacturing is becoming a major target for ransomware attacks

Avatar

Published

on

Ransomware has become a major threat to the manufacturing industry as cyber-criminal groups increasingly take an interest in targeting the industrial control systems (ICS) that manage operations.

According to analysis by cybersecurity researchers at security company Dragos, the number of publicly recorded ransomware attacks against manufacturing has tripled in the last year alone.

More on privacy

While a lot of manufacturing relies on traditional IT, some elements of manufacturing relies on ICS when mass-producing products – and that’s an area that several hacking groups are actively looking to target.

SEE: Network security policy (TechRepublic Premium)

That’s potentially very troubling because the interconnected nature of the manufacturing supply chain means that if one factory gets taken down by a cyberattack, it could have wide-ranging consequences.

For example, if a manufacturing facility that mass produces medicines or other health products was hit by a ransomware attack, that could have knock-on impacts for the healthcare sector as a whole.

It’s this level of threat that has led cybersecurity researchers at Dragos to describe ransomware with the ability to disrupt industrial processes as the “biggest threat” to manufacturing operations – and at least five hacking groups are actively targeting or demonstrating interest in manufacturing.

For cyber criminals, manufacturing makes a highly strategic target because in many cases these are operations that can’t afford to be out of action for a long period of time, so they could be more likely to give in to the demands of the attackers and pay hundreds of thousands of dollars in bitcoin in exchange for getting the network back.

“Manufacturing requires significant uptime in order to meet production and any attack that causes downtime can cost a lot of money. Thus, they may be more inclined to pay attackers,” Selena Larson, intelligence analyst for Dragos, told ZDNet.

“Additionally, manufacturing operations don’t necessarily have the most robust cybersecurity operations and may make interesting targets of opportunity for adversaries,” she added.

The nature of manufacturing means industrial and networking assets are often exposed to the internet, providing avenues for hacking groups and ransomware gangs to gain access to the network via remote access technology such as remote desktop protocol (RDP) and VPN services or vulnerabilities in unpatched systems.

As of October 2020, the company said there were at least 108 advisories containing 262 vulnerabilities impacting industrial equipment found in manufacturing environments during the course of this year alone, many of which potentially leave networks vulnerable to ransomware and other cyberattacks.

“Unfortunately, unpatched vulnerabilities that can enable initial access will always be an issue. Testing and applying patches as soon as practicable is very important for preventing exploitation,” said Larson.

SEE: Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

Cyber criminals are deploying ransomware because it’s often the quickest and easiest way to make money from compromising a large network. But by gaining enough control of the network to deploy ransomware, hackers will often also be able to access intellectual property and sensitive data that also resides within the network.

That could potentially lead to hacking groups using ransomware as a smokescreen for cyberattacks designed to steal intellectual property, which could be extremely damaging to victims in the long run.

“Gaining visibility into the OT environment is very crucial – you can’t protect what you don’t know exists,” said Larson.

That means taking steps such as conducting regular architecture reviews to identify assets, ensuring devices and services are kept up to date, and conducting “crown jewel analysis” to identify potential weaknesses that could disrupt business continuity.

MORE ON CYBERSECURITY

Source: https://www.zdnet.com/article/manufacturing-is-becoming-a-major-target-for-ransomware-attacks/#ftag=RSSbaffb68

HRTech

As vaccination drive begins, Indian employers attempt to obtain vaccine for staff

Avatar

Published

on

Many Indian companies, including a few from the Tata Group as well as the JSW Group are trying to obtain a few lakh doses of the COVID-19 vaccine for their employees and their families.

These companies are discussing with the vaccine-manufacturing pharmas ways to make double shots of the vaccine available for their staff. If the talks are successful, the staff working in the manufacturing units will receive the shots first.

On the other hand, in the US, a federal deal has been struck to increase the speed of vaccine production. The vaccine manufacturers will be allowed to set aside doses of vaccine for their own employees and their families, so that they do not have to wait in line for their turn as per the schedule of the public health policymakers.

Emergent BioSolutions, the Maryland-based manufacturer, hasd entered into a deal in June to speed up manufacturing capabilities and capacity for a potential vaccine. It is said to have entered into deals worth hundreds of millions of dollars to manufacture the vaccine doses for AstraZeneca, Johnson & Johnson and Novavax, as part of ‘Operation Warp Speed’.

Serum Institute of India as well as Bharat Biotech have already started delivering their vaccines across India, with the inoculation process to officially begin today, that is, January 16.

Healthcare and frontline workers will receive the vaccines first before it becomes available for others.

Source: https://www.hrkatha.com/employee-health/as-vaccination-drive-begins-indian-employers-attempt-to-obtain-vaccine-for-staff/

Continue Reading

Cyber Security

Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/tractors-pod-ice-cream-lipstick-ces-2021-worst/163117/

Continue Reading

Cyber Security

Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/microsoft-implements-windows-zerologon-flaw-enforcement-mode/163104/

Continue Reading

HRTech

Google cuts off other Chromium-based browsers from its Sync service

Avatar

Published

on

google-chrome-error.png

Google said today that it caught other Chromium-based browsers piggybacking on its infrastructure and abusing the Chrome Sync service to store their users’ data, bookmarks, and browsing history on Google’s servers, without approval.

The discovery was made during “a recent audit,” Google said today in a short statement.

To prevent future abuse, Google said it plans to limit some of the Chrome APIs (features) that it includes inside Chromium starting March 15, 2021, making them unavailable for any other browser developed on top of the Chromium open-source codebase.

This doesn’t only impact Chrome Sync but also other features such as the Chrome Spelling API, the Contacts API, the Chrome Translate Element, and many more.

All of these APIs are implemented inside the Chromium source code, the open-source skeleton that is at the base of the Chrome browser, and which Google open-sourced years ago.

Under normal circumstances, other companies that build browsers on top of the Chromium code usually remove these APIs and build their own similar systems, over which they can have control.

The recent abuse discovered by Google stems from incidents where “some third-party Chromium based browsers” added API keys to these Chrome specific features and integrated them inside their offshoot browser products.

This resulted in these companies abusing Google servers to store their own data, effectively cutting development costs on Google’s back.

Google has given these companies two months to remove these Chrome-specific APIs and features from their code and implement their own before their access is cut off.

The browser maker did not name the Chromium-based browsers that abused its systems, and the list of Chromium-based browsers is also too long to make an educated guess, ranging from big names like Microsoft Edge, Opera, and Brave to smaller endeavors like Blisk, Colibri, and Torch.

Source: https://www.zdnet.com/article/google-cuts-off-other-chromium-based-browsers-from-its-sync-service/#ftag=RSSbaffb68

Continue Reading
Amb Crypto2 days ago

Ethereum, Dogecoin, Maker Price Analysis: 15 January

Amb Crypto2 days ago

How are Chainlink’s whales propping up its price?

Blockchain2 days ago

Bitcoin Cloud Mining With Shamining: Is it Worth it? [Review]

Amb Crypto2 days ago

NavCoin releases its new privacy protocol, one day after Binance adds NAV to its staking program

Blockchain2 days ago

Litecoin Regains Footing After Being Knocked Back by Resistance

Blockchain3 days ago

Warp Finance Relaunches With ‘Additional Security’ from Chainlink

Cyber Security4 days ago

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

Venture Capital3 days ago

Ghana fintech startup secures $700k investment 

Cyber Security4 days ago

Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove

Blockchain4 days ago

Crypto Games May Substitute Regular Video Games in 2021

Automotive4 days ago

Nokian One All-Season Tire Has Life Expectancy Of 80,000 Miles

Cyber Security4 days ago

High-Severity Cisco Flaw Found in CMX Software For Retailers

Blockchain4 days ago

Amundi and BNY Mellon form strategic alliance

NEWATLAS5 days ago

New insights into how COVID-19 can impact the brain and CNS

Cannabis4 days ago

The Cannabis Craze is Back in Gear (NASDAQ: SNDL) (NASDAQ: GRWG) (OTC US: MEDH) (OTC US: CRLBF)

SPACS2 days ago

Affinity Gaming’s SPAC Gaming & Hospitality Acquisition files for a $150 million IPO

Blockchain4 days ago

Is Gold Still Worth Buying in the Bitcoin Age?

NEWATLAS5 days ago

Fiat Chrysler throws its weight behind Archer’s eVTOL project

Cyber Security4 days ago

CISOs Prep For COVID-19 Exposure Notification in the Workplace

Blockchain4 days ago

Schroders appoints Global Head of Infrastructure in Private Assets

Trending