Anything connected poses a risk, whether it’s the smart thermostat in the front office fish tank, the numerous desktop printers used each day or the million-dollar piece of equipment producing key components on the plant floor.
Case in point: Early this month, ethical hackers – specifically researchers at CyberNews – took control of nearly a million printers to clearly illustrate the dangers of connected, but unsecured devices. Lack of printer security is nothing new. However, that does not lessen the significance of the threat they post to organizations. The Fancy Bear hack last summer demonstrated the risk, spotlighting why heavily connected companies need to pay more attention what’s connected, why it is connected and what risk those connections represent to other areas within the business. After all, these common devices are often an open door to the networks powering other device within the enterprise.
In the most recent white hat hack, the only real consequence was printing a security manual to once again remind people of the importance of security. A bad actor could have gone much deeper within the organization, stealing vital information or infusing ransomware with the ability to totally cripple most businesses.
Equipment is not the only risk
In the attempted Tesla attack, the hackers specifically targeted an employee as the potential weakest link. While this attempt had positive results for Tesla, that is not always the case. This is especially true when manufacturers fail to properly train employees to identify and report threats.
Alex Schlager the executive director and chief product officer of security services at Verizon Business tells IndustryWeek, the Verizon 2020 Data Breach Investigations Report (DBIR), this year there was over 922 incidents with 381 being confirmed data disclosure cases.
“Overall, 8% of breaches involved misuse by authorized users - actions, which are intentional actions undertaken by internal employees that result in some form of security incident. In the manufacturing industry, the DBIR found that misuse was present in 13% of breaches and was one of the top three threat patterns,” says Schlager. “Employees who were found misusing their access to steal remains a concern for the industry. Different misuse types in manufacturing breaches include: privilege abuse, the actor has legitimate access but they use those privileges to do something nefarious—and data mishandling – for example, sending company data via personal email.”
Next steps
Data breaches are becoming a bigger concern for companies as they face continuous vulnerabilities within their online infrastructure, explains Schlager.
The following are recommendations that would be applicable to manufacturers according to the 2020 DBIR:
- Use continuous vulnerability management systems to find and remediate things like code-based vulnerabilities.
- Implement email and web browser protection to lock down browsers and email clients to give your users a fighting chance when facing the internet.
- Provide security awareness and training programs to educate your users, both on malicious attackers and on accidental breaches.