Manufacturing cyber security and why logistics should care

Original Content

In an era defined by technological advancement and interconnected systems, the manufacturing industry is embracing digital transformation to fuel unprecedented efficiency and productivity. However, this evolution is accompanied by profound and growing cybersecurity challenges. Kory Daniels, CISO at Trustwave shared with us how the sector is fighting the challenge.

‘The sector’s extensive repositories of intellectual property (IP) and supply chain data make it an attractive target for access and data brokers, who seek to capitalise on ransoming this valuable information,’ says Kory.

A recent report from Trustwave shows there is a substantial surge in ransomware attacks, capable of singularly disabling an organisation’s production facilities. This downtime translates to substantial financial losses, often reaching thousands of pounds per minute. Additionally, the industry faces threats such as intellectual property theft and damage to equipment. Consequently, this impact sets off a cascading effect, leading to the idle workforce of the targeted organisation and adversely affecting downstream customers.

Logistics should care because…

‘Threat actors frequently impersonate trusted third-party brands like shipping companies to trick targets into clicking malicious links or attachments. For example, DHL was cited as the second most impersonated brand, comprising 13% of phishing attacks on the industry,’ Kory continues.

As logistics operators make up part of a company’s supply chain, it’s vital that they follow strict cybersecurity protocols and have effective policies in place. Threat actors tend to go for the weakest link, so if they’re able to breach an organisation somewhere along a company’s supply chain, they’re likely to get access to their primary target and carry out a wider supply chain attack.

Preventing & protecting

Cyber threats targeting manufacturers are multifaceted, spanning from phishing emails to supply chain compromises to OT system attacks. With such a broad spectrum of risks, companies cannot rely on one silver-bullet to fix the problem. Training employees on cyber risks through regular mock phishing tests and security awareness programs is crucial because people tend to be the component attackers exploit the most.

In addition to the above, companies should also monitor for threats proactively. This involves monitoring the Dark Web on a regular basis for potential compromises as well as running continuous threat hunting through their environments for otherwise undetected dangers.

Finally, formalising and regularly testing an incident response policy for the scenarios most likely to target a manufacturing company is vital. These tests should undoubtedly be kept up to date and regularly performed to ensure they’re still valid. ✷