The manufacturing sector is plagued with a constant barrage of cyberattacks. For instance, Panasonic recently suffered a breach after an unknown third-party infiltrated one of its servers and accessed sensitive customer and employee records.
One of the reasons behind these constant attacks may be the mammoth size of the industries and the use of peculiar software products with complex technologies across the industry.
Key trends in attacks
The manufacturing sector is facing multiple cyberattacks owing to increased automation. A more software-centric approach coupled with the adoption of IoT, which is still evolving, exposes a larger attack surface to cybercriminals.
- In the last two months, several threat groups such as DEV-0343, IronHusky, Lazarus APT, Gamaredon, along with evolving Iranian attackers, have been observed targeting organizations related to manufacturing.
- Cybercriminals have prominently used multiple ransomware in their attacks such as Ranzy Locker, Conti Gang, Lockean, and other malware identified as MysterySnail and BotenaGo.
- As for the observed attack vectors, cybercriminals have often used unauthorized access, brute-force, and phishing attacks, along with some other attack methods such as exploitation of software vulnerabilities.
The cyberattacks were observed targeting multiple regions around the world, including Western Asia, Africa, Western Europe, Eastern Europe, the Middle East, and North America.
The exploitation of security holes
Along with common attack vectors, cybercriminals are observed increasingly taking advantage of vulnerabilities in manufacturing-related software. These vulnerabilities allow easy or inside access to targeted networks.
- Recently, an APT was found exploiting a flaw to compromise FatPipe products to breach targets’ networks.
- New vulnerabilities were discovered in MediaTek, which allows snooping on the audio in a large number of smartphones.
- Netgear fixed a pre-authentication buffer overflow flaw in its small office/home office devices.
- Multiple vulnerabilities were discovered in an embedded Wi-Fi module (Lantronix’s PremierWave 2050).
Conclusion
Cybercriminals are actively using different types of malware to exploit vulnerabilities at manufacturing facilities. Further, the increased use of software-based solutions and industrial IoT devices increases the risk as well. Therefore, manufacturing sector organizations are suggested to focus and invest in their security posture proactively to avoid any malicious intrusions.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_73158286.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock_25243135_MEDIUM.jpg)
