The down-time and massive disruptions caused by phishing and malware are jeopardizing the world’s manufacturing industries, says this zero-trust proponent.
The Industry 4.0 era has provided manufacturers with the digital capabilities to make industrial manufacturing and the management of local, regional and global supply chains more efficient and sustainable.
Thanks to connected IoT devices and applications, companies can utilize production and customer data to predict defects before they occur, to manage and expand complex supply networks, or even to tailor their production to individual customer needs.
While the advancements in manufacturing brought about by Industry 4.0 have enabled corporations to save costs while increasing output and meeting surging demand, this revolution has not come without challenges. Conscious and eager to tap on these benefits, Southeast Asian governments have rallied policies around facilitating supply chains to be optimized for technology advancements.
In Singapore, the manufacturing and supply chain industry has its own Industry Transformation Map as part of the effort to upgrade existing industries. The map highlights the use of digital solutions specific to capture growth opportunities leveraging innovation.
In Thailand, efforts to digitize its business landscape—Thailand 4.0—this includes the implementation of technology in its logistics and supply chain industries. Logistics is one of the industries intended to be the alternative forces for the future Thai economy.
Growth comes with cyber risks
With the growing use of IoT-based applications, many companies in the SE Asian manufacturing sector have also become increasingly vulnerable to cyberattacks. The COVID-19 pandemic has only exacerbated vulnerability, making it all the more critical for business leaders to understand where their vulnerabilities lie. A Singapore Cyber Landscape Report described 35 cyberattacks in 2019, an increase from 21 cases. Systems affected included gaming, travel and tourism, manufacturing, and logistics.
The interconnected IoT devices, through which critical production data is transmitted, present an attractive attack surface for cybercriminals. Attacks targeting the Domain Name System (DNS) or using it as a vector has become especially appealing amongst threat actors.
Cybercriminals aim to take advantage of the openness of DNS. According to the EfficientIP-IDC 2020 Global DNS Threat Report, 75% of manufacturing companies experienced at least one DNS attack last year, and the average cost of each attack hovered around US$825k. Victimized manufacturing companies each suffered an average of 10 DNS attacks over the course of the year.
How cyber-attacks disrupt the industry
Such attacks can have a significant impact on production processes and supply chain management. For example, if a large manufacturing company loses access to a supply chain management application, a chain reaction is set into motion that can affect the entire company: its suppliers, and customers.
If the product is personal protective equipment or medication set to be distributed to hospitals, the repercussions could be profound. Moreover, according to the study, of all industries surveyed, the manufacturing industry took the longest to mitigate attacks, at nearly seven hours. This not only impacts supply chain, but machinery uptime and physical plant safety.
Some of the more common attack types in the manufacturing sector include phishing (40% of companies surveyed experienced phishing attacks), malware (35%), and DNS amplification attacks (22%). Of manufacturing organizations, 60% suffered app downtime as a result of a DNS attack, and 52% experienced cloud service downtime. App and cloud down times have the ability to significantly affect access to data, supply chain logistics and more. Any disruption in these areas could lead to significant reputational damage for enterprises.
Given these statistics, it is clear why over 80% of manufacturing respondents rated DNS security as extremely important or very important. The effect of DNS attacks on manufacturing and supply chains can indeed be devastating. DNS is also at the heart of data privacy and regulatory compliance—data exfiltration via DNS often goes unnoticed as the information is hidden in normal network traffic. This is why manufacturing companies that are looking to protect data confidentiality put monitoring and analysis of DNS traffic as their top priority, ahead of adding more firewalls or securing endpoints.
Trust no one
When an attack occurs, there are a variety of countermeasures that organizations can take. Of the manufacturing respondents in the Threat Report, 56% temporarily shut down specific affected processes and connections, and 54% disabled some or all of the affected applications.
Unfortunately, these types of countermeasures can have significant financial and business implications. Respondents (43%) were likely to shut down a server or service in the event of an attack, potentially affecting the operations and profitability of an entire manufacturing facility.
Organizations in the industrial sector can take measures to prevent and mitigate these types of attacks. They should accelerate threat investigation by including DNS security in a security-by-design framework, and should implement purpose-built DNS security with effective auto-remediation capabilities for limiting attack damage and reducing mitigation time.
Adding adaptive countermeasures to the mix will help ensure continuity of business and services. Companies should also rely more on zero trust strategies that prevent breaches by using strict access controls and assuming that anyone on the network is not to be trusted, requiring verification before granting access to resources.
Zero trust is a strategy that can make better use of behavioral analytics to determine who is a likely threat and who is not. Currently, only 17% of manufacturing respondents in the DNS Threat Report used such an architecture; 23% had piloted it, while 27% had not yet explored the option.
As COVID-19 tests the strength of the manufacturing industry, the potential attack surfaces will only grow. The time has never been better to strengthen DNS security in the manufacturing sector.