Fabien Rech is the Vice President EMEA at network security company Trellix. He caught up with Manufacturing Digital to discuss the cybercrime plague on manufacturing and how digitalisation can help keep the supply chain intact.
The manufacturing and supply chain sectors are interconnected networks that keep our world turning. These veins of the global economy underpin everything. As a result, we all feel the impact when this sector is met with challenges, such as fuel shortages, or when it is mobilised to great effectiveness, such as the global vaccine roll out.
However, being such a high profile and critical segment of the economy comes at a cost. Our reliance on manufacturing and the supply chain makes it a top target for cybercriminals.
A drive to digitalisation in manufacturing and the supply chain
The cyber risks in manufacturing and the supply chain are only becoming more acute as the drive to digitalisation intensifies. While it has been underway for years, the acceleration of technology adoption has been widely accepted as one of the few positive impacts of the pandemic. Widespread digitalisation has increased efficiencies and allowed many people to continue working remotely while the adoption of digital twin technologies has also helped to reduce lost hours of production by mitigating equipment failure.
Yet this progress also means that the manufacturing and supply chain sectors are now reliant on millions of connected devices, software-as-a-service (SaaS) platforms are even more fundamental to operations and huge amounts of valuable information is stored in the cloud. With every advancement made, the sector is expanding its potential attack surface - providing more potential opportunities for cybercriminals to exploit and creating a more complex IT estate which can be harder for security teams to police.
The world’s cyber defence authorities on high alert for cyber crime
In an industry where exploited vulnerabilities can cause major disruption, the prospect of an organisation’s digital transformation outpacing its cybersecurity strategies and investment is worrying. We’re now seeing the reality of criminals trying to take advantage of that gap. For example, it was recently reported that Chinese government-linked hackers have tried to steal sensitive data from three dozen manufacturing and technology firms in the US, Europe and Asia.
The situation in Ukraine has presented new and significant concerns for governments and put the world’s cyber defence authorities on high alert. In April, a group of official cybersecurity authorities, including agencies from the UK, US and Australia, warned that Russian state-sponsored hackers could target supply chains as a vital part of Western national infrastructure. They urged critical infrastructure network defenders to prepare for and mitigate potential cyber threats, from destructive malware to cyber espionage, by hardening their cyber defences and being diligent in their identification of indicators of malicious activity.
A clear increase in cyber crime attacks
Our recent Threat Labs Report (April 2022) found that the transportation, shipping, manufacturing and information technology industries showed a sharp increase in threats over the last six months. From Q3 to Q4 2021, threats to manufacturing increased 100%. In Q4, transportation and shipping were the target of 27% of all advanced persistent threat (APT) — activity by adversarial and stealthy actors — detections.
Perhaps it is no surprise that one in five manufacturing staff has been involved in a breach while at work. Yet when you contrast this with our recent Cyber Readiness Report, which found 82% of employees believe software supply chain risk management is of either high or crucial importance for national security, the juxtaposition between perceived value and actual protection becomes stark.
Simplify and integrate security operations
So how can organisations in these highly targeted sectors protect themselves from cyberattacks? After years of digital transformation, many companies are dealing with a patchwork of technology and cybersecurity solutions. This plethora of tools creates yet more challenges for IT security teams. Alerts get missed, too much time is spent pivoting between tools to search for anomalies, and not enough time is left for actively remediating vulnerabilities. In short, teams struggle to manage the rapidly evolving threat landscape when held back with siloed security.
To address these SecOps challenges, organisations in the manufacturing and supply chain sectors should consider implementing a flexible, scalable XDR (extended detection and response) architecture that can seamlessly integrate with their current security tools and connect all the dots to eliminate security gaps. When data is fed into a centralised platform and correlated with other data in a native and open environment, alerts become actionable and SecOps team gain single pane-of-glass visibility into every system. This saves time, reduces administrative fatigue and makes it tougher for criminals to exploit a weakness.
The manufacturing industry must learn and adapt against cyber crime
As the attack surface continues to expand, adaptive security will become even more important. Implementing an intelligent, proactive security system that can constantly reshape itself to match an organisation’s specific threat landscape will help improve the front line of defence.
Organisations must improve their automation, remediation, and resiliency capabilities to defend against increasingly sophisticated attacks. With machine learning and AI, they can gain the insight needed to predict and prevent emerging threats, identify root causes, and automate processes to enable a quick response - anticipating new threats and adjusting to ensure they remain protected.
An alive and embedded security strategy is needed for the supply chain and manufacturing industries
Attackers will continue targeting the global supply chain and manufacturing industries. Without embedded security that can keep evolving in line with threats, organisations risk being left open to cyberattacks. Digitalisation must go hand-in-hand with implementing security that can adapt and flex to the business’ needs today and in future.