Are you vaccinated against the Virus?
Is your computer system prepared for the inevitable attack?
Today’s podcast discusses the scary reality that manufacturers are the number one target of cyber attacks around the globe. Manufacturing companies are at risk for ransomware and intellectual property theft. It’s even possible for hackers to take control of a factory’s machine tools remotely.
I interviewed Drew Phillips, senior systems integration engineer at MxD (Manufacturing x Digital), a company that helps US manufacturers secure their facilities from cyber attacks.
In 2019, manufacturing was the 10th largest industry targeted by hackers worldwide, but in just three years it has become the number one target. Today it is easier to steal intellectual property than ever before because all of our sensitive information is located on central computers.
Often hackers use ransomware, with which they hold intellectual property hostage in exchange for money.
Even if a manufacturer is not hacked, it can still be harmed if another company in its supply chain is hacked. This makes manufacturing companies vulnerable and attractive targets for hackers.
One of the most famous ransomware hacks was the WannaCry hack in 2017, originating in North Korea. It spread to 150 countries around the world, infecting more than 200,000 computers and stopping production at Nissan in England for several days.
Hackers can control a shop’s machine tools remotely
The most notorious example of a of hack taking control of a machine tool is known as Stuxnet. In 2010, a malicious computer worm, allegedly created by the United States and Israel, attacked Iranian nuclear centrifuges, causing them to tear themselves apart. Many people say this was the first known example of a hack specifically designed to take control of machine tool PLCs.
Drew says that the code for the worm still remains on the dark web. Cyber criminals could employ it or some other hack to take control of CNC machines anywhere in the world.
Methods Hackers Employ
Often Hackers use phishing attacks, such as getting people to open malicious links in emails, which then trick them into entering passwords. There are a myriad of other ways that hackers employ to steal passwords or entice computer users to accidentally download malicious files that can infect an entire network.
Hackers even leave thumb drives containing viruses in parking lots, hoping people will pick them up and plug them into their computers.
Cybersecurity Best Practices
Official best practices in cybersecurity is known as NIST, National Institute of Standards and Technology. NIST has a cybersecurity framework with five tenants; identify, protect, detect, respond, and recover.
Identifying is essential because you can’t protect what is on a system if you don’t know what is there in the first place.
It’s very difficult to detect a cyber attack, which magnifies its danger. The World Economic Forum’s 2020 global risk report said that the rate of detection of an attack was .05% in the US—only 5 of 10,000 cyber attack cases detected.
MxD’s Assistance for Companies
MxD shares best practices that its own facility has implemented. It provides manufacturing companies with a questionnaire so companies can evaluate their cybersecurity standards.
It also has a cybersecurity marketplace, in which it advises companies where to get cybersecurity solutions.
Drew Phillips says MxD’s mission is to help manufacturing companies improve and innovate in their operations.
The organization is dedicated to educating manufacturers about their return on investment in cybersecurity because being hacked is not a matter of if, but a matter of when—when cyber criminals find one moment of weakness
Check out MxD’s booth at IMTS 2022, or go to their website to learn more.
Question: How have you taken steps to defend your company against cyber attacks?