Cyberattacks in Manufacturing Sector - A Clear and Present Danger
The manufacturing sector has become an increasingly prominent target for cybercriminals and the COVID-19 pandemic has made the situation even worse.
Recent cyberattacks on the sector
Cybercriminals are actively targeting various manufacturing industries, ranging from food and beverage (F&B), automobile industry, to semicondutor industry.
- Earlier this month, Tower Semiconductor, a chip manufacturer from Israel, was hit by a cyberattack, which halted some of their manufacturing operations.
- In June, the Australian beverage maker, Lion, was hit by a major cyberattack that took down its internal systems and and disrupted their manufacturing process.
- In North America, Tesla factory in Nevada was targeted in a serious cybersecurity attack, where a Russian hacker tried to recruit an employee to spread malware into a system. The company, with help of the FBI, was able to thwart the attack.
Ransomware attacks take a lead
According to a recent study by Kivu Consulting, the manufacturing sector paid out 62% of total ransomware payments in 2019. Some of the known attacks include Conti ransomware targeting Volkswagen Service Center; SK Hynix and Hoa Sen Group being targeted by Maze group; Konica Minolta attacked by RansomEXX, and DopplePaymer ransomware targeted Amphastar Pharmaceuticals Inc., among others.
Other prominent attack vectors
- Unsecured servers: The Southeast Asia-based manufacturer of gaming hardware firm, Razer, suffered a data leak due to an unsecured database exposing customer data online.
- Unpatched vulnerabilities: Pioneer Kitten, an Iranian APT group, was found leveraging several critical exploits in VPNs and networking equipment to steal corporate credentials of organizations from various industries, including manufacturing, and selling them on the dark web. ATM manufacturing giants Diebold Nixdorf and NCR released software updates to address bugs that could have been exploited for deposit forgery attacks.
- Abuse of legitimate tools: The Operation Chimera hacking campaign was observed using skeleton keys to target Taiwanese chip vendors and their subsidiaries.
Cybercriminals are now increasingly targeting the manufacturing sector to seize and steal sensitive information and collect ransom payments. Organizations must understand this change in the global scenario, and try to adapt their cybersecurity strategies accordingly to secure their distributed, internet-connected devices and networks.