Manufacturing – Cyber A Real Threat

Manufacturing

The manufacturing industry is becoming a prime target for hackers where their technology is being compromised resulting in significant disruption within this sector.

Make UK , the Manufacturers Organisation recently carried out a cyber security resilience survey in the UK which demonstrated varying degrees of preparedness by manufacturers.

https://www.makeuk.org/insights/publications/2019/09/06/cyber-security-and-manufacturing

The highlights of the report were as follows:-

  • 60% of manufacturers indicated that they had been subject to some form of cyber security incident
  • 41% of their customers had requested evidence of the robustness of their cyber security processes and procedures
  • 31% of manufacturers were also asked this question within the supply chain

IBM’s 2019 Global Threat Intelligence Index showed that 10% of all attacks are aimed at the manufacturing sector.

Cyber Risk 

As with most business digital transformation is underway but with this brings new vulnerabilities and threats which need to be managed. For the manufacturing sector achieving the optimum production rates is vitally important and one of the ways in achieving this is through digitisation and a greater reliance on connectivity throughout the organisation.

What are some of the main Cyber Threats in this sector?

  • The theft of intellectual property by a hacker
  • Ransomware attacks from malware
  • Phishing attacks through as a result of access via the industrial control system
  • Spam messages which when deployed on mass will impact on productivity and communications within the organisation.
  • The compromise of the firms website that may impact on their reputation should defamatory of controversial commentary be posted by a hacker.
  • Employees or customers being subject to identity theft where they have had their personal details accessed by a cyber attack. This could include bank and credit card information details that are then used to commit fraud or are sold on the dark web.

How can the sector help protect itself ? 

Cyber risk management plays an important role in combating the evolving and unpredictable cyber threats that exist and should be pro-active rather than reactive.

In tandem with this businesses in this sector would benefit from purchasing cyber insurance which provides coverage for financial loss caused as a result of unauthorized access of their computer systems. More important it also provides incident response services from an established vendor panel drawn up by insurers.

Irrespective as to how cyber threats are managed it important that this given the correct level of priority at board level so that the right attention and appropriate resources are utilized to protect the well being of the organization.

Image : Shutterstock

How Secure Is Your Supply Chain?

Supply Chain

Many businesses are now reliant on third parties in order to function and to provide their goods or services. These third parties are likely to form a supply chain providing such capabilities as IT services, HR outsourcing and hosting services.

The calibre of these services can vary greatly be they a large conglomerate to small local business. Each suppler will have they own cyber security processes and procedures that should be embedded within the business….. but in practice is this the case and what is the impact on a business if they suffer a cyber security breach?

With reliance now placed on a supply chain it is important that due diligence is carried to ensure that this resilience is in place.

What sort of processes can be carried out in order to provide some assurances?

  • Regular cyber security audits of third party vendors
  • Prioritization of vendors for critical services
  • Review of data monitoring standards of third parties
  • Ensure own security procedures remain at a high standard enforcing regular patching and installation of latest firewalls.
  • Managing of privileges provided outside of the business
  • Robust procurement processes for new vendors
  • Management of contractual liability with the vendor in the event of a possible data breach
  • Due diligence of cloud service providers
  • Insurance checklist for professional indemnity and or cyber insurance by the vendor
  • Review interconnected devices to managed The Internet of Things ( IoT) exposures

The supply chain of a business can be their weakest link and managing this should be given the same level of attention as the internal cyber risks that exist.

The National Cyber Security Center publish a list of some of the risks that businesses should look out for :-

https://www.ncsc.gov.uk/content/files/protected_files/guidance_files/Cyber-security-risks-in-the-supply-chain.pdf

The consequences of a third party suffering a compromise of their computer systems could lead to  the following:-

1.Business Interruption

2. Reputational Damage

3.Regulatory Actions and Fines

4.Loss of customers

5.Costs incurred to the business to rectify loss of data or damage to computer systems

6.There have been a number of high profile data breaches where losses have emanated from the supply chain :-

Target

In December 2003 hackers gained access to the heating and ventilation system of the retailer Target. As a result of network credentials being stolen from a mechanical services engineer the hackers were then able to gain access to credit and debit card data of customers. The cost of the breach is thought to be close to $300M with 100 million individuals being affected and the CIO of Target resigning soon after the breach.

Stuxnet

This was a malicious computer worm that targeted automated processes utilized to control machinery on factory assembly lines and systems within the nuclear industry.

It was introduced into a supply network via an infected USB flash drive by individuals that had access to the system It was then possible for the worm to move across the network which scans software that controls machinery and n influence the commands that were given.

NonPetya

Last year NonPetya was a malicious code aimed at software supply chains. The targets were outdated and unpatched Windows systems utilizing the EternalBlue vulnerability which hit many global businesses such as WPP DLAPiper and Maersk.

The hackers initially breached a financial services company in the name of MeDoc which was a third party software service readily utilized by goverments. Once access had been obtained they were able to install malware on their software which was then distributed to end users when the latest update was downloaded.

A report earlier this year by Symantec reported that there had been a 200% increase over the last 12 months in hackers injecting malware implants into the supply chain to gain access to the organizations computer systems.

https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-2018-en.pdf

Perhaps one of the keys to ensuring that a supply chain is secure is to try and enforce the supply chain to have in place similar robust cyber security procedures and practices to the business in order to manage the evolving cyber risk landscape that exists.

 

Image : Shutterstock

The Good,The Bad and the Dark Web

The Dark Web

So what is the Dark Web?

We have all heard of the dark web but it is unlikely that we actually know what it is…..

The Dark Web is part of the world wide web and requires specific software in order for it to be accessed, once this is in place its websites and other services can be readily accessed. Not all sites are visible and can be hidden because they have not been indexed by a search engine and can only be accessed if the precise address of the website is known.

The dark web sits below the “Surface Web” i.e.Google and Yahoo and the “Deep Web” which includes scientific and government reports and subscription-only information.

Certain markets operate within the dark web and are known as “darkest markets”which tend to sell illegal goods such as drugs and firearms, the currency of which is bitcoin where it is difficult to trace the source of the recepient.

Individuals and groups can seek total anonymity as these are generally groups who wish to stay hidden on line from the police and governments.

Let’s go Dark….

This is possible by downloading software such as Tor known as the “Onion Router” where users can be idenitified by the domain name “onion” and focus in providing anonymous access for users. Whilst 12P  the “Invisible Internet Project” permits the anonymous hosting of websites. It is not possible to identify the IP address and track dark net users due to the layered encryption systems that are in place. Intermediate servers are also used which helps in making identification impossible.

The Dark Side 

Hackers exist here to sell their services offering services such as :-

  • Tools for DDoS attacks
  • Fraud services
  • Phishing of websites
  • Scams
  • The recruitment of hackers

The Impact on Cyber Insurance 

The insurance industry focuses on loss prevention and it is important therefore that they are alive to new and developing threats which can in the first instance be discovered on the dark web.

Stolen data can appear in the dark web which can include for example names , addresses, credit card and bank account details rails  and medical records, these will be for sale from various sources.

An innovative step by CFC Underwriting Limited has been launched with RepKnight whereby they offer a dark web monitoring tool called BreachAltert for its policyholders that provides alerts in real time should their data become exposed on the dark web. This can be configured for e-mail domains server IP addresses, employee login credentials and lists of clients and employees. This will enable policyholders to be the first to know if their information has been leaked.

https://www.repknight.com/cfc-underwriting-cyber-policyholders-set-to-benefit-from-free-dark-web-monitoring-in-industry-first/

Image : Shutterstock

The Cyber Highway…Supply Chain Essential

Are you on road to the Cyber Highway?

It is unlikely that your supply chain is travelling in this direction yet as this initiative was only launched last month in London by Lord David Blunkett, the chairman of Cyber Essentials Direct Limited.

The concept behind this is to help improve a businesses cyber security posture and to provide reassurances in their supply chain which traditionally can present a significant cyber security threat…… an area which businesses often overlook and who have little or no control over.

What is the Cyber Highway?

It is a user friendly on-line portal certification process aimed at large businesses who rely on their supply chains. Cyber Essentials is the certification process that will be utilized. which is a UK Government Scheme that was launched in 2014 to help businesses protect themselves against mainstream cyber attacks. During this process it will also be possible for businesses to monitor the progress of their suppliers in attaining Cyber Essentials accreditation.

https://www.thecyberhighway.com/welcome

https://www.gov.uk/government/publications/cyber-essentials-scheme-overview

Certain Government departments already require their suppliers bidding for contracts to be Cyber Essentials certified. This requirement is likely to become more widespread in other industries in the future as cyber security becomes an increasing focus in the commercial world.

The Benefits

  • It is designed for all business sizes
  • It is a series of clear self-assessment statements
  • The provision of a comprehensive quality assurance frame -work
  • A user friendly on-line platform
  • A fully integrated and comprehensive cyber security self auditing system
  • Provision of a complete range of accessible tools and solutions

Helping the Cyber Landscape

It assists in securing the supply chain of business

It protects the infrastructure of businesses with whom larger companies trade

Post BritExit it is important that British businesses hold a recognized cyber security certification and this will further highlight.

Cyber Claims in the Supply Chain 

One of the highest profile cyber claims is that of the Target Corporation which took place in 2013 where cyber criminals infiltrated a third party supplier in order to gain access to Target’s data network. This breach costs Target $61M and had a impact on their profits which fell 46% that year.

Stuxnet is a malicious computer worm that is normally introduced to the supply network via an infected USB flash drive and targets automated process that control machinery on factory lines. There have been a number of reported incidents involving Stuxnet.

On-line retailers is another business sector that can be susceptible to compromises due emanating from a supply chain vulnerability. Home Depot suffered a credit data breach in 2014 which was due to stolen credentials from a third party vendor.

Implications for Cyber Insurance

Cyber insurers are likely to favor the instigation of the Cyber Highway as this represents improved risk management to the supply chain of businesses which currently offers concern to them being an avenue for claims that it presents to hackers and the ability to compromise their computer systems that may lead to a data breach or resulting in cyber crime.