4 Types of Cyber Attacks Targeting Manufacturers

The manufacturing industry is not a new target for cyber attacks, but it is experiencing new kinds of attacks. Here’s how to protect your operations.

It turns out that things have changed quite a bit recently—most notably, around the types of attacks being aimed at manufacturing sites.

Right now, we’re seeing a new wave of stealthy, sophisticated attacks that bypass standard security measures like firewalls, malware detection and intrusion detection systems and pose a serious threat to the operations and safety of manufacturing companies. Previous defenses may work well enough against older threats, but they’re getting completely blindsided by these newer, more sophisticated attacks.

Behind these new attacks are state-backed spies, who aim to steal technology and production secrets and map industrial assets; organized crime, which can profit from stealing and reselling intellectual property as well as from cyber-extortion; and hacktivist groups, which simply want to cause chaos and disruption and generate public attention.

Given the changing cybersecurity threat level, manufacturers should be most concerned with four specific types of attacks:

* Drive-by Downloads. In this type of attack, malware is installed on a person’s computer or other device as soon as they visit a compromised website. This website may be criminally controlled/hosted or it could be a legitimate and widely used website which you’d never suspect to be the source of an infection.

* Cross-Site Scripting. Like the drive-by download, cross-site scripting (or XSS) takes advantage of legitimate websites to conceal its attack. But XSS doesn’t install malware on the computer. Instead, it steals all stored login credentials and passwords from within the browser. Consequently, this attack could expose a manufacturer to considerable harm, allowing attackers to gain access to key online accounts, network control and access, machinery system access, client and vendor portals, bank accounts and more. In most cases, XSS is delivered over email, using a legitimate-looking URL to execute the attack.

* Watering Hole Attack. Hackers typically have a specific company or industry in mind when they set up this kind of attack. They find a website regularly visited by employees of that company or industry and inject malicious code into it that will target visitors. Once employees of the targeted company visit the website, they are infected either through a drive-by download attack or ‘malvertising,’ which is when malware is delivered through a third-party advertising network on a website.

* Wrappers. A wrapper is a type of malware concealed inside a legitimate software program to make it undetectable. Every software program has a signature that tells you what it is. Malware has a signature too. Antivirus and intrusion detection systems work by checking incoming code to see if the signatures match any known malware. If detected, the harmful program is caught and isolated. However, hackers have figured out that if you can change the code, you can beat the detection tool. Wrappers are a key part of this because, instead of seeing this malware for what it is, a detection tool will think it’s something legitimate—like a PDF, Word doc, a computer game or utility tool.
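The gap between a whole-file signature and looking inside the file, shown as an added example that is not from the original article. The payload bytes, file names and the three checks are constructed for illustration; commercial tools use far richer signatures.

```python
import hashlib

# Constructed stand-in for a known-bad program: harmless bytes, not real malware.
KNOWN_BAD = b"MZ" + b"\x00" * 16 + b"CONSTRUCTED-SAMPLE-PAYLOAD"

# Two kinds of signature for the same sample.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}   # whole-file hash
PATTERN_SIGNATURES = [b"CONSTRUCTED-SAMPLE-PAYLOAD"]        # bytes inside the file

# Well-known leading bytes for the document types the article mentions.
MAGIC = {".pdf": b"%PDF-", ".docx": b"PK\x03\x04"}


def scan(filename: str, data: bytes) -> list[str]:
    """Return the names of the checks that flagged this file (empty means clean)."""
    findings = []
    # Exact match: any change to the file, including wrapping it, changes the hash.
    if hashlib.sha256(data).hexdigest() in HASH_SIGNATURES:
        findings.append("hash")
    # Content match: the known-bad bytes are found wherever they sit in the file.
    if any(pattern in data for pattern in PATTERN_SIGNATURES):
        findings.append("pattern")
    # A file that does not start the way its extension claims is suspect.
    for ext, magic in MAGIC.items():
        if filename.lower().endswith(ext) and not data.startswith(magic):
            findings.append("type-mismatch")
    return findings


# Constructed inputs: a clean PDF, and the sample placed inside a PDF-shaped file.
CLEAN_PDF = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog >>\nendobj\n%%EOF\n"
WRAPPED = b"%PDF-1.7\n1 0 obj\n" + KNOWN_BAD + b"\nendobj\n%%EOF\n"

if __name__ == "__main__":
    cases = [("sample.exe", KNOWN_BAD), ("manual.pdf", CLEAN_PDF),
             ("invoice.pdf", WRAPPED), ("report.pdf", KNOWN_BAD)]
    for name, data in cases:
        print(f"{name:12} {scan(name, data) or 'clean'}")
```

The wrapped file passes the hash check and is caught only by the content check, and a content pattern can itself be missed once the code is changed, which is why the article pairs detection with post-breach mitigation.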

To thwart these types of attacks, manufacturers have to adopt a very robust defense-in-depth approach that is equally devoted to prevention and post-breach mitigation.

In addition to a strong perimeter defense using malware detection, firewalls, and access controls to data and systems, the company should use email white lists for executives, password managers for all employees, and make sure there are no open ports connected to the Internet. The company should also do public domain audits to make sure no sensitive information can be accessed online via advanced search queries, and make sure no single employee has access to too many systems. Also, consider adding script-blocking plugins to employees’ Internet browsers, which will block some of these attacks.

Companies should also plan for the worst. Every manufacturer should assume they will be breached. To deal with this, companies should segment their network as much as possible so that if a hacker or malware gets in, they can’t easily move across the entire network. Encrypt critical data so that even if the attacker gets it, they can’t use it. Back up data, so that they also can’t ruin you by deleting or encrypting the data.