Manufacturing companies have become top targets for cybercriminals, ransomware, and state hackers, with 61 percent of them having a cybersecurity incident at their factory, three-quarters of which resulted in offline production, according to a new report from cybersecurity firm Trend Micro. Shut down.
The report, based on a survey of 250 IT departments and 250 operational technology (OT) departments, states that OT departments face more challenges with overall security, with technology being a pain in the ass for both, but people and processes being critical for both. The OT sector is a bigger challenge. Challenges for the OT sector also include a lack of visibility into assets and associated cyber threats, as well as a lack of established goals for cybersecurity maturity.
Different challenges and perspectives mean IT and OT should collaborate on cybersecurity, but only 12% do, the report states.
Manufacturing, healthcare, information technology, and construction are the top industries targeted by ransomware groups, according to a new report from cybersecurity firm Palo Alto Networks. Multiple ransomware development teams have begun adding new malware targeting industrial control systems to their arsenals.
According to the survey, 75% of cyberattacks experienced by manufacturing companies resulted in production interruptions, and in 43% of outage cases (about 20% of all manufacturing companies), cyberattacks resulted in production downtime for more than four days.
“Plant cybersecurity is in a developmental stage,” the report states: “Cyber-attack incidents are not uncommon, many companies have advanced in organizational and technical approaches, and most are aware of the attendant risks. But with the coming years With the rapid development of factory network security, it is difficult for enterprises to choose appropriate technical measures.”
The survey data also showed that manufacturing companies in the United States differed from those in the other two countries surveyed (Germany and Japan). U.S. manufacturing companies face fewer challenges in securing people, processes, and technology than they do in Germany or Japan. The report argues that U.S. manufacturing companies are better at adopting 1990s-era information security methods, creating a secure perimeter to keep outlaws out. However, the current network security is undergoing a transition to “zero trust”, which requires enterprises to have a deeper understanding of the traffic in the company’s network.
Finally, the report points out that the gap between IT and OT remains deep. While 89% of companies have established cybersecurity operations processes and 88% have created incident response processes, OT and IT teams are going their separate ways. The survey revealed that only 12 percent of respondents actively collaborated with their peers to design both processes.