February 27, 2024 at 04:37AM
Cybercriminals increasingly targeted the manufacturing industry with ransomware attacks last year, with 70% of industrial ransomware infections affecting manufacturing companies. Dragos CEO Robert Lee explains that manufacturing’s early adoption of IoT and connected machines, without adequate security, makes it a prime target. Furthermore, a ransomware infection at German control systems provider PSI highlights the ongoing threat to manufacturing.
Key takeaways from the meeting notes:
1. Ransomware attacks against the manufacturing industry have significantly increased, with 70% of all industrial organization ransomware infections being directed at manufacturing companies.
2. Manufacturing organizations are particularly vulnerable due to inadequate spending on security in relation to investment in IoT and connected machines, making them rich targets for cybercriminals.
3. Manufacturing companies continue to struggle the most with segmentation, compared to other industrial sectors, which hinders their ability to implement effective network defenses.
4. OT and industrial control systems within manufacturing companies are targeted by cybercriminals due to their impact on revenue generation and the willingness of companies to pay ransoms quickly.
5. The manufacturing industry is also susceptible to supply-chain attacks, where exploiting vulnerabilities in commonly used software or equipment can lead to mass targeting for ransomware infections.
6. Recent ransomware infections, such as the one experienced by German control systems provider PSI Software, have caused significant disruptions and potential data theft. Measures to prevent data exfiltration are not always effective.
7. These attacks often start in the IT systems of manufacturing and industrial control organizations, rather than directly targeting the control systems themselves.
8. A critical vulnerability affecting widely used Mitsubishi Electric Machines has been identified, which could allow attackers to execute remote code and cause denial-of-service conditions.
9. Another commonly used enterprise IT product, Oracle E-Business Suite iSupplier web services, has vulnerabilities that have been exploited by threat groups such as LAURIONITE to gain access to manufacturing companies’ environments.
10. The focus on vulnerable systems within manufacturing companies poses a significant threat to intellectual property and could potentially impact manufacturing operations and society at large.
These takeaways highlight the urgency for manufacturing organizations to strengthen their cybersecurity measures, particularly in the face of increasing ransomware attacks and vulnerabilities in widely used IT products.