Within companies themselves, but also in their supply chains, there are many neglected entry points for cyber attacks. Industrial companies still have a lot of catching up to do - and this does not only affect small and medium-sized companies.
The advancing networking in the context of Industry 4.0 or the Smart Factory undoubtedly brings many advantages. Whether it is unified management of production, the use of sensor data for production planning, or the improvement of maintenance cycles based on digital evaluations of machine behavior and wear, modern networked systems make all of this possible. But with this networking, the digital attack surface available to cybercriminals is also growing, because many dangers that have so far been neglected lurk both in the companies themselves and in their supply chains. Industrial companies still have a lot of catching up to do in terms of cybersecurity - and this does not only affect small and medium-sized companies.
Current Cyber Attacks - Underestimated Dangers
The aluminum manufacturer Norsk Hydro provided an example of this last year. The company fell victim to a ransomware attack, which led to production interruptions at several Group locations in different countries. The cost of this incident is believed to have been substantial. But in this country, too, companies from the manufacturing industry have been targeted by cybercriminals in recent months. In these attacks, the attackers relied on specially crafted file attachments that purported to contain invoices from 1&1 or information on alleged tax refunds in order to deceive their potential victims. The attachments were prepared in such a way that, after the user had activated macros, the GuLoader malware initially infected the victim's PC. GuLoader is a so-called downloader, which fetches the actual primary malware only after the initial infection.
However, companies in the manufacturing industry in particular often underestimate the risk that such attacks pose to them. IT security officers know about the complexity of their IT and OT systems, but one important aspect is regularly neglected. The aforementioned cyberattacks this summer make this clear once again: for years, the primary cyber threat to companies has not come from security gaps in their technical infrastructure. By far the greatest gateway for attackers these days is the individual employee who uses and operates the IT and OT systems.
The Staff as the Last Line of Defense
At first, cybercriminals don't care who in a company falls for one of their methods, be it by handing over access data on a phishing website or by infecting a company system with malware. What matters most to them is that they can establish a kind of bridgehead in the company's IT, from which they can then carry out further actions. These can range from a ransomware infection of the company to forged e-mails sent on behalf of the organization, with the help of which business partners are to be convinced to divulge information or even to transfer funds to the accounts of the cybercriminals.
Because of this, when it comes to IT security, it is necessary to keep an eye on the entire workforce and not just selected VIPs who are considered the most likely to be attacked. Rather, it is important to protect all employees as well as possible, regardless of their hierarchical position in the company, while taking into account their respective degree of risk - i.e. the extent of their access rights and any signing authority.
In the early days of cybersecurity, the industry focused primarily on technical security gaps; experts now consider this way of thinking outdated. Cybercriminals have long tried to specifically exploit the human weaknesses of employees to carry out their attacks successfully. To this end, the attackers keep coming up with new methods and baits that are intended to encourage potential victims to click carelessly. This can often be enough to pave the way for cybercriminals: opening a prepared document or visiting a website that downloads malware unnoticed is usually all it takes.
Study Reveals Ignorance of Many Employees
But how can such careless actions by employees be prevented to improve the protection of the company? First of all, IT security managers need to become aware that knowledge about cyber threats is not as widespread as some would like to assume. The latest State-of-the-Phish report from Proofpoint shows, for example, that only 61% of the employees surveyed worldwide knew what to make of the term "phishing". In the United States, it was only 49%, while white-collar workers in Germany performed best at 66%. Other cybersecurity terms also presented difficulties for a wide variety of employees. Only 31% of those questioned were able to correctly classify "ransomware". It is noteworthy, however, that in the previous year's survey 45% of the participants correctly classified this cyber threat. One explanation for this could be that ransomware attacks have fallen sharply since 2018 and are therefore less present in people's perception.
Even with passwords, many employees still have a lot of catching up to do when it comes to the security of their access data. The fact that the same passwords are often reused across different services and accounts is a thorn in the side of security experts. In the survey, only 23% stated that they use a password manager. And only 32% of those surveyed use an individual password for each service. 29% switch between five and ten different passwords, and a full 16% use the same one or two passwords for all of their accounts.
Raising Awareness of Cyber Threats Is Critical
These figures show that when it comes to IT security, employees are nowhere near the level of knowledge they would need to comprehensively prevent modern cyberattacks. It is, therefore, necessary to inform all employees - regardless of their role in the company - about the dangers in this area and to keep them aware of those dangers in the long term. This is exactly the goal pursued by special cybersecurity awareness training that has a long-term effect on the participants. In contrast to conventional training, the participants are not introduced to the topic in a single course lasting several hours. Rather, it is about integrating IT security into the everyday life of employees. Short but recurring training courses are designed to keep employees constantly informed about current cyber risks.
High Costs in Case of Successful Attacks
While a successful cyber attack is a severe test for any company, the follow-up costs of an attack can vary from industry to industry. The extent to which a company depends on a functioning IT infrastructure also affects how great the damage actually turns out to be in the event of a cyber attack. And it is precisely here that one sector stands out in particular: for manufacturing companies, attacks by cybercriminals are usually associated with immense costs. The networking of their systems often means that the entire production - sometimes at different locations - comes to a complete standstill. The financial damage quickly runs into the millions.
Install total security to prevent cyber attacks.
Security officers in manufacturing companies should therefore not try to guarantee the protection of their own systems through network protection alone. Comprehensive protection instead requires the interaction of secured technical systems, which take modern attack vectors into account, and employees who are aware of cyber threats.