Tag Archive for: manufacturing

Manufacturing sector top target for ransomware attacks last year

/in


Palo Alto said UK manufacturers and professional and legal services are most at risk of ransomware attacks.

The UK’s manufacturing sector is the prime target for ransomware attacks, according to data from Palo Alto Networks’ threat intelligence arm, Unit 42, seen by City A.M.

In 2023, manufacturers bore the brunt of ransomware assaults, accounting for 17.2 per cent of all attacks recorded in the UK, totalling 45 incidents.

They are particularly at risk due to their low tolerance for operational disruption, which can negatively impact production, cyber security company Palo Alto said.

With only one fewer incident last year, professional and legal services followed closely behind, suffering 16.9 per cent of ransomware attacks, as cyber criminals targeted sensitive data.

In 2023, the first year the study has been conducted, 261 ransomware attacks targeted UK organisations.

The UK’s technology and education sectors both experienced 8.4 per cent of attacks.

A ransomware attack is when hackers use malicious software to encrypt files or systems, demanding payment, often in cryptocurrency, for their release. The impact on businesses can include loss of data, reputational damage, regulatory penalties and higher insurance premiums.

Palo Alto Networks recently released a separate report, revealing that the frequency of cyber assaults on UK companies has surged, with attacks occurring on a monthly, weekly, and even daily basis for 76 per cent of respondents.

Amid the rise, regulatory pressure is mounting on companies, particularly in critical infrastructure sectors, to enhance their cyber security measures.

For example, the Product Security and Telecommunications Infrastructure (PSTI) Act is coming into force on 29 April. It will require manufacturers of internet-connected or ‘smart’ products to ensure they meet minimum security requirements, protecting consumers.

Similarly tagged content:

Source…

Manufacturing and education are most targeted by malware

/in


The Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report says the increasing frequency of malware attacks targeting IoT devices is a significant concern for OT security, as the mobility of malware can facilitate movement across different networks, potentially endangering critical OT infrastructure.

Deepen Dasai

“Weak enforcement of security standards for IoT device manufacturers coupled with the proliferation of shadow IoT devices at the enterprise level poses a significant threat to global organisations. Often, threat actors target ‘unmanaged and unpatched’ devices to gain an initial foothold into the environment,” said Deepen Desai, global CISO and head of security research at Zscaler.

He encourages organisations to enforce zero trust principles when securing IoT and OT devices – never trust, always verify, and assume breach. “Organisations can eliminate lateral movement risk by utilizing continuous discovery and monitoring processes to segment these devices,” he continued.

Consistent growth in attacks

With the steady adoption of IoT and personal connected devices, the report found an increase of over 400% in IoT malware attacks year-over-year. The growth in cyber threats demonstrates cyber criminals’ persistence and ability to adapt to evolving conditions in launching IoT malware attacks.

Additionally, research indicates that cybercriminals are targeting legacy vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that have existed for over three years.

Source: Zscaler 2023

The Mirai and Gafgyt malware families continue to account for 66% of attack payloads, creating botnets from infected IoT devices that are then used to launch denial-of-service (DDoS) attacks against lucrative businesses.

Botnet-driven distributed DDoS attacks are responsible for billions of dollars in financial losses across industries around the globe. In addition, DDoS attacks pose a risk to OT by potentially disrupting critical industrial processes and even endangering human lives.

Industries favoured by attackers

Manufacturing and retail accounted for nearly 52% of IoT device traffic, with 3D…

Source…

Six steps for preparing a manufacturing organization for a ransomware attack

/in


In Q2 of this year, we observed that 70% of 177 alleged ransomware attacks that impacted industrial organizations were in the manufacturing sector. It’s really nothing new – in 2021 manufacturing became the industry most targeted by ransomware, and that trend continued throughout 2022 and 2023.

Many large companies began their manufacturing cybersecurity journey in 2017 following the WannaCry and NotPetya incidents. But many jumped right into technical solutions and neglected basic foundational elements of an operational technology (OT) security program.

Other small and medium-sized companies have not yet started their manufacturing security journey. Here we outline a step-by-step process for manufacturers that have not yet developed a manufacturing cybersecurity resilience program, and we also offer a double-check for large manufacturers to ensure that they haven’t overlooked some of the basics.

Step 1: Take care of the basics.

Manufacturers need to start with an asset management program. If the organization does not have one, it has two choices: if it can afford to buy technology specifically for OT asset management, buy it. If not, grab a spreadsheet and start an inventory of everything in the plant. At the same time, train employees in the plant on what they should do if a ransomware message appears. And have top leadership work with the legal team to determine if the company would pay the ransom – don’t wait until a crisis to research the details behind this complex decision.

Step 2: Put in fundamental protective measures.

While working on Step 1 also start putting some protective measures in place. Get the IT team involved (even if it’s outsourced) – they are an important partner in these activities. First, determine if there are any assets in the plants that are exposed to the internet, and if so, remediate. Second, vendors can spread malware from customer to customer, so put a process in place for vendors to securely access and transfer files to the plants. Finally, implement a secure remote access solution, including multi-factor authentication.

Step 3: Prepare for the worst.

While putting the fundamentals in place as well as some basic protective measures it’s…

Source…

Kratos, Oklahoma Elected Officials Celebrate Completion of 100th MQM-178 Firejet High-Performance Jet Drone System at Oklahoma City Aircraft Manufacturing Facility

/in


SAN DIEGO, April 12, 2023 (GLOBE NEWSWIRE) — Kratos Defense & Security Solutions, Inc. (NASDAQ: KTOS), a Technology Company in the Defense, National Security and Global Markets and an industry-leading provider of high-performance, jet-powered unmanned aerial systems, joined by Oklahoma Secretary of Military and Veterans Affairs John Nash, Senator Markwayne Mullin (R-OK), Representative Tom Cole (R-OK-4), and Representative Stephanie Bice (R-OK-5), today celebrated the 100th MQM-178 Firejet high-performance jet powered target drone aircraft produced at the Kratos Unmanned aircraft manufacturing facility in Oklahoma City.

Kratos MQM-178 Firejet on Launcher is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/2e145536-3598-438a-95f7-ce0daec7d453

With primary customers including the United States Air Force, Navy, and Army, as well as foreign ally militaries, the Kratos Unmanned Systems Division opened this manufacturing facility in November 2018 to accommodate the existing and increasing demand for its newest line of high performance, jet-powered unmanned aerial tactical drone and target drone systems.

Today, the Kratos Unmanned Oklahoma City aircraft manufacturing facility is fully operational with two major drone aircraft systems in rate production, plus prototype production of a third system. The Kratos Unmanned Oklahoma City aircraft manufacturing facility is home to the MQM-178 Firejet, which first rolled off the production line in Oklahoma in April 2019 and is produced in high quantities monthly/annually today, in both a target and tactical system configuration. The XQ-58A Valkyrie, a high-performance tactical UAV capable of long-range flights at high-subsonic speeds, currently under contract with multiple Department of Defense customers, is also produced at the Kratos Oklahoma manufacturing facility. Kratos is also in prototype production of an additional, high performance tactical drone system at the Oklahoma facility.

Kratos XQ-58A Valkyrie Ready for Flight is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/86419ba2-a560-4328-8b8b-b2087abe3c18

Including production at the Oklahoma City facility, Kratos today manufactures approximately 150…

Source…