Tag Archive for: Manufacturers

Ransomware cybercriminals continue to target manufacturers


If your manufacturing clients are seeing cyber premiums increase, more ransomware incidents could be why.

Although many manufacturing businesses like this perfume factory were quick to digitalize, many also failed to invest in IoT security at the same time they were building out their technological capacity. (Credit: Lena Wurm/Adobe Stock)

According to a new report by industrial cybersecurity firm Dragos, out of 905 ransomware incidents Dragos tracked, 638, or 70%, affected the manufacturing sector.

Dragos noted about a 50% increase in ransomware attacks against industrial organizations between 2022 and 2023.

But what could be of more value than the knowledge of increased premium expectations is the reason why this sector is seeing so many ransomware attacks. If manufacturers are not willing to plug the holes in the dike, then they should prepare themselves for attack, as attackers will always pursue the most vulnerable risks.

Exploiting vulnerabilities

Lax defenses and the significant costs incurred by any impact to operations of industrial risks make them vulnerable to digital extortion. In looking at the manufacturing sector, the industry was quick to move into digital transformation and internet connectivity but did not invest in IoT security at the same time. Ransomware attacks not only impact operational efficiency but also lead to financial and reputational costs, and further still have trickle-down effects on downstream businesses and outputs.

As with many sectors, the manufacturing sector still struggles with segmenting networks like those that deal with human resources from operational technology networks that control operations. This gives a hacker broad access to the organization. Water and wastewater utilities moving into digitization are also vulnerable, with a need to secure entry to access points as they…

Source…

Food manufacturers top three for ransomware attacks


The second quarter of 2023 saw 14 ransomware attacks against food and drink manufacturers globally, the third highest after equipment manufacturers (26) and electronics manufacturers (23).

Manufacturers were the most targeted for cyber security attacks, with 177 reported cases of ransomware against businesses in the second quarter alone – 70% of all alleged attacks. This was up from 143 in the previous quarter.

In total, Dragos detected 253 ransomware incidents in the second quarter of 2023, an 18% increase from the previous quarter. Of these attacks, 120 were reported in North America, 77 in Europe, 35 in Asia, 10 in South America, four in Africa, four in the Middle East and three in Australia.

Rapid growth of ransomware ecosystems

Dragos senior threat analysist Abdulrahman H. Alamri said: “The rise in ransomware attacks on industrial targets and their consequential impacts highlights the rapid growth of ransomware ecosystems and the adoption of different tactics, techniques, and procedures by these groups to achieve their objectives.”

Ransomware attacks are a threat to the entire supply chain. An incident further up the chain may not immediately affect a food business, the consequent delays it can create can prove devastating, especially for our just in time system.

An example given by Dragos was an incident involving and attack on the Port of Nagoya in Japan, which impacted the port’s operations and subsequently affected the supply chains of other industrial organizations, including the Toyota packaging line.

Source…

Criminals attack manufacturers with ransomware | The Guardian Nigeria News


Cybersecurity firm, Sophos, has revealed in its new sectoral survey report, ‘The State of Ransomware in Manufacturing and Production 2023’, that in more than two-thirds (68 per cent) of ransomware attacks against this sector, the adversaries successfully encrypted data.

Sophos described this as the highest reported encryption rate for the sector over the past three years and is in line with a broader cross-sector trend of attackers more frequently succeeding in encrypting data.

The report however, said in contrast to other sectors, the percentage of manufacturing organisations that used backups to recover data has increased, with 73 per cent of the manufacturing firms surveyed using backups this year versus 58 per cent in the previous year. It said despite this increase, the sector still has one of the lowest data recovery rates.

Field Chief Technical Officer, Sophos, John Shier, said: “Using backups as a primary recovery mechanism is encouraging since the use of backups promotes faster recovery. While ransom payments cannot always be avoided, we know from our survey response data that paying a ransom doubles the costs of recovery.

“With 77 per cent of manufacturing organizations reporting lost revenue after a ransomware attack, this added cost burden should be avoided, and priority placed on earlier detection and response.”

In addition, the report found that despite the growing use of backups, manufacturing and production reported longer recovery times this year. In 2022, 67 per cent of manufacturing organizations recovered within a week, while 33 per cent recovered in more than a week. This past year, only 55 per cent of manufacturing organisations surveyed recovered within a week.

“Longer recovery times in manufacturing are a concerning development. As we’ve seen in Sophos’ Active Adversary reports, based on incident response cases, the manufacturing sector is consistently at the top of organizations needing assistance recovering from attacks.

This extended recovery is negatively impacting IT teams, where 69 per cent report that addressing security incidents is consuming too much time and 66 per cent are unable to work on other projects,” the report…

Source…

Cyberweapon manufacturers plot to stay on the right side of US


In the summer of 2019, as Paragon Solutions was building one the world’s most potent cyberweapons, the company made a prescient decision: before courting a single customer, best get the Americans on side.

The Israeli start-up had watched local rival NSO Group, makers of the controversial Pegasus spyware, fall foul of the Biden administration and be blacklisted in the US. So Paragon sought guidance from top American advisers, secured funding from US venture capital groups and eventually scored a marquee client that eludes its competition: the US government.

Interviews with half a dozen industry figures about the divergent paths of the two companies underline how the shadowy spyware industry is being reshaped around those friendly to American interests.

According to four of those people, the US Drug Enforcement and Administration Agency is among the top customers for Paragon’s signature product nicknamed Graphite.

The malware surreptitiously pierces the protections of modern smartphones and evades the encryption of messaging apps like Signal or WhatsApp, sometimes harvesting the data from cloud backups — much like Pegasus does.

Paragon was set up by Ehud Schneorson, the retired commander of Unit 8200, the Israeli army’s elite signals intelligence arm. According to people familiar with the company, which includes ex-Prime Minister Ehud Barak on its board, has secured investment from two US-based venture capital firms, Battery Ventures and Red Dot.

Paragon, Barak, Battery Ventures and Red Dot declined to comment.

In 2019, even before work on Graphite had been completed, on advice from a retired senior Mossad official, Paragon hired DC-based WestExec Advisors, the influential advisory group staffed by ex-Obama White House officials including Michele Flournoy, Avril Haines and Antony Blinken. Ex-US ambassador to Israel, Dan Shapiro, was also consulted, people with knowledge of the advisory effort said. Shapiro declined to comment.

WestExec said it “advised Paragon on its strategic approach to the US and European markets, as well as the formulation of its industry-leading ethical commitments designed to ensure the appropriate use of its technology,” adding it was “proud…

Source…