In previous years, cybersecurity threats were concentrated in industries such as healthcare, retail, finance and energy. The manufacturing industry was rarely included in the conversation because it was relatively closed. But as technology has evolved, antiquated communication methods within the manufacturing industry have become obsolete. When communication channels change, the cyber threat landscape changes as well. The manufacturing industry now has no choice but to utilize Internet connectivity in a variety of ways, but with that comes the security risks posed by antiquated security awareness and equipment security equipage.
The manufacturing industry is known for using outdated devices that may have disclosed vulnerabilities on them, and attackers do not need to do much work to execute an attack. Also the manufacturing industry is large and has a lot of sensitive data that can be used for financial gain (credit card information, bank details, data related to financial institutions and social security numbers). Such data can be sold or used to compromise other networks for ransom. With the low cost and high reward of attacks, the manufacturing industry has become a very popular target for hackers.
Meanwhile manufacturing is a long-established industry and there may be different hardware and software for each technology - resulting in a fragmented security framework. This means that a single security framework will not apply to all systems. Even when leaders want to get on board with security measures, there are many obstacles.
Supply chain attacks are a serious security concern for any industry, but in recent years, supply chain attacks within the manufacturing industry have become more prominent. A supply chain attack occurs when a threat actor accesses an organization's network through a third-party vendor or supplier. Access can be gained through viruses or malware, which can provide attackers with keys to sensitive information, customer records and payment information.
Because the scope of the supply chain can be so large, the attack itself may be difficult to track. Naturally, manufacturing organizations and businesses work with dozens of suppliers. Any disruption in the manufacturing process can have ripple effects and significant delays. It is important for manufacturing organizations to protect their supply chains and ensure that the companies they do business with are equally committed to security.
Supply chain attacks fall into three categories:
- Firmware Supply Chain Attack——This attack inserts malware into the boot record of the computer and takes a second to unfold. After the target computer boots up, the malware is executed and the entire system is put at risk. These attacks are fast, destructive, and sometimes undetectable.
- Software supply chain attacks ——This attack requires only one infected application or software to compromise the entire supply chain. These attacks target the source code of an application and deliver malicious code to a trusted application or software system.
- Hardware Supply Chain Attack ——This attack relies on physical devices. Threat actors target devices that they know will pass through the entire supply chain in order to maximize their reach and the damage they cause.
The supply chain mentioned above is collected in the Shambles system to monitor possible risks in the supply chain in real time. Risk alerting is performed.
