Ransomware has become a major threat to the manufacturing industry as cyber-criminal groups increasingly take an interest in targeting the industrial control systems (ICS) that manage operations.
According to analysis by cybersecurity researchers at security company Dragos, the number of publicly recorded ransomware attacks against manufacturing has tripled in the last year alone.
While a lot of manufacturing relies on traditional IT, some elements of manufacturing relies on ICS when mass-producing products – and that’s an area that several hacking groups are actively looking to target.
SEE: Network security policy (TechRepublic Premium)
That’s potentially very troubling because the interconnected nature of the manufacturing supply chain means that if one factory gets taken down by a cyberattack, it could have wide-ranging consequences.
For example, if a manufacturing facility that mass produces medicines or other health products was hit by a ransomware attack, that could have knock-on impacts for the healthcare sector as a whole.
It’s this level of threat that has led cybersecurity researchers at Dragos to describe ransomware with the ability to disrupt industrial processes as the “biggest threat” to manufacturing operations – and at least five hacking groups are actively targeting or demonstrating interest in manufacturing.
For cyber criminals, manufacturing makes a highly strategic target because in many cases these are operations that can’t afford to be out of action for a long period of time, so they could be more likely to give in to the demands of the attackers and pay hundreds of thousands of dollars in bitcoin in exchange for getting the network back.
“Manufacturing requires significant uptime in order to meet production and any attack that causes downtime can cost a lot of money. Thus, they may be more inclined to pay attackers,” Selena Larson, intelligence analyst for Dragos, told ZDNet.
“Additionally, manufacturing operations don’t necessarily have the most robust cybersecurity operations and may make interesting targets of opportunity for adversaries,” she added.
The nature of manufacturing means industrial and networking assets are often exposed to the internet, providing avenues for hacking groups and ransomware gangs to gain access to the network via remote access technology such as remote desktop protocol (RDP) and VPN services or vulnerabilities in unpatched systems.
As of October 2020, the company said there were at least 108 advisories containing 262 vulnerabilities impacting industrial equipment found in manufacturing environments during the course of this year alone, many of which potentially leave networks vulnerable to ransomware and other cyberattacks.
“Unfortunately, unpatched vulnerabilities that can enable initial access will always be an issue. Testing and applying patches as soon as practicable is very important for preventing exploitation,” said Larson.
Cyber criminals are deploying ransomware because it’s often the quickest and easiest way to make money from compromising a large network. But by gaining enough control of the network to deploy ransomware, hackers will often also be able to access intellectual property and sensitive data that also resides within the network.
That could potentially lead to hacking groups using ransomware as a smokescreen for cyberattacks designed to steal intellectual property, which could be extremely damaging to victims in the long run.
“Gaining visibility into the OT environment is very crucial – you can’t protect what you don’t know exists,” said Larson.
That means taking steps such as conducting regular architecture reviews to identify assets, ensuring devices and services are kept up to date, and conducting “crown jewel analysis” to identify potential weaknesses that could disrupt business continuity.
MORE ON CYBERSECURITY
As vaccination drive begins, Indian employers attempt to obtain vaccine for staff
Many Indian companies, including a few from the Tata Group as well as the JSW Group are trying to obtain a few lakh doses of the COVID-19 vaccine for their employees and their families.
These companies are discussing with the vaccine-manufacturing pharmas ways to make double shots of the vaccine available for their staff. If the talks are successful, the staff working in the manufacturing units will receive the shots first.
On the other hand, in the US, a federal deal has been struck to increase the speed of vaccine production. The vaccine manufacturers will be allowed to set aside doses of vaccine for their own employees and their families, so that they do not have to wait in line for their turn as per the schedule of the public health policymakers.
Emergent BioSolutions, the Maryland-based manufacturer, hasd entered into a deal in June to speed up manufacturing capabilities and capacity for a potential vaccine. It is said to have entered into deals worth hundreds of millions of dollars to manufacture the vaccine doses for AstraZeneca, Johnson & Johnson and Novavax, as part of ‘Operation Warp Speed’.
Serum Institute of India as well as Bharat Biotech have already started delivering their vaccines across India, with the inoculation process to officially begin today, that is, January 16.
Healthcare and frontline workers will receive the vaccines first before it becomes available for others.
Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show
Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
Google cuts off other Chromium-based browsers from its Sync service
Google said today that it caught other Chromium-based browsers piggybacking on its infrastructure and abusing the Chrome Sync service to store their users’ data, bookmarks, and browsing history on Google’s servers, without approval.
The discovery was made during “a recent audit,” Google said today in a short statement.
To prevent future abuse, Google said it plans to limit some of the Chrome APIs (features) that it includes inside Chromium starting March 15, 2021, making them unavailable for any other browser developed on top of the Chromium open-source codebase.
This doesn’t only impact Chrome Sync but also other features such as the Chrome Spelling API, the Contacts API, the Chrome Translate Element, and many more.
All of these APIs are implemented inside the Chromium source code, the open-source skeleton that is at the base of the Chrome browser, and which Google open-sourced years ago.
Under normal circumstances, other companies that build browsers on top of the Chromium code usually remove these APIs and build their own similar systems, over which they can have control.
The recent abuse discovered by Google stems from incidents where “some third-party Chromium based browsers” added API keys to these Chrome specific features and integrated them inside their offshoot browser products.
This resulted in these companies abusing Google servers to store their own data, effectively cutting development costs on Google’s back.
Google has given these companies two months to remove these Chrome-specific APIs and features from their code and implement their own before their access is cut off.
The browser maker did not name the Chromium-based browsers that abused its systems, and the list of Chromium-based browsers is also too long to make an educated guess, ranging from big names like Microsoft Edge, Opera, and Brave to smaller endeavors like Blisk, Colibri, and Torch.
Ethereum, Dogecoin, Maker Price Analysis: 15 January
How are Chainlink’s whales propping up its price?
Bitcoin Cloud Mining With Shamining: Is it Worth it? [Review]
NavCoin releases its new privacy protocol, one day after Binance adds NAV to its staking program
Litecoin Regains Footing After Being Knocked Back by Resistance
Warp Finance Relaunches With ‘Additional Security’ from Chainlink
Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data
Ghana fintech startup secures $700k investment
Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove
Crypto Games May Substitute Regular Video Games in 2021
Nokian One All-Season Tire Has Life Expectancy Of 80,000 Miles
High-Severity Cisco Flaw Found in CMX Software For Retailers
Amundi and BNY Mellon form strategic alliance
New insights into how COVID-19 can impact the brain and CNS
The Cannabis Craze is Back in Gear (NASDAQ: SNDL) (NASDAQ: GRWG) (OTC US: MEDH) (OTC US: CRLBF)
Affinity Gaming’s SPAC Gaming & Hospitality Acquisition files for a $150 million IPO
Is Gold Still Worth Buying in the Bitcoin Age?
Fiat Chrysler throws its weight behind Archer’s eVTOL project
CISOs Prep For COVID-19 Exposure Notification in the Workplace
Schroders appoints Global Head of Infrastructure in Private Assets
Cannabis1 week ago
5 Hemp CBD Flower Strains You Should Try in 2021
Blockchain1 week ago
Is it late to have no account Cryptocurrency payment and online payment
Amb Crypto1 week ago
Cardano, Cosmos, FTX Token Price Analysis: 09 January
Amb Crypto1 week ago
Bitcoin futures volume hits an ATH of $100 billion
PR Newswire1 week ago
Kintor’s Proxalutamide (GT0918) COVID-19 Clinical Trial Shows Positive Preliminary Results in Treatment of Female Patients
Covid191 week ago
Mapped: Drone Privacy Laws Around the World
Blockchain6 days ago
Bitcoin, Altcoins Dip. Are Crypto Entering Bear Territory?
NEWATLAS7 days ago
Lenovo AR glasses let you multi-screen virtually anywhere
Blockchain1 week ago
Norwegian Block Exchange secures large private investment
NEWATLAS1 week ago
Externally powered implant designed to treat obesity
Amb Crypto1 week ago
Stellar Lumens, Tron, Algorand Price Analysis: 09 January
SPAC Insiders1 week ago
LightJump Acquisition Corporation (LJAQU) Prices Upsized $120M IPO