Hitchiner Manufacturing

View Original

Manufacturing and Cyber Security

Cyber security is rapidly becoming a dominant concern

Cyber security is rapidly becoming a major concern for manufacturers and consumers. Cyber security is often applied to the administrative-driven parts of business, such as logins to systems, internet sites and financial information. For that reason, cyber security has become a critical component of effective management in manufacturing.

Let’s take a look at how cyber security is changing to become a key focus for the peace of mind of consumers and internal processes of a manufacturer. In 2010, the Stuxnet computer worm attacked programmable logic controllers in manufacturing settings. These controllers were responsible for the automation of many manufacturing processes, and the unheardof attack left great damage in its wake. As a result, manufacturing and cyber security measures and polices quickly became a concern.

The industries most commonly attacked via cyber-espionage in 2015 were manufacturing, public, professional, and information, as you can see in the chart below. This is partly why two of these industries (manufacturing and public) were among the most breached overall. When considering the term “cyber espionage,” you may think of huge countries with massive resources launching the most sophisticated, cutting edge attacks across the globe. Surprisingly, most espionage begins with a simple email, according to the Verizon DBIR 2105 report. Three out of four (77.3%) of these attacks require someone to engage with an email attachment or email link. The report notes that web drive-by attacks were more popular in espionage than years past. What are these actors looking for? Your secrets. More than 85% were targeting secret information. The second highest category, credentials, were targeted in 11.4% of the attacks.

How does a cyber security threat impact manufacturers?

Think about the cost of a cyber security breach. It may cost the manufacturer proprietary information, unique formulations in creating a product faster, identification of product locations, which could be used for stealing product during shipment, loss of control over the market, and more. Unfortunately, each of these instances represents an added expense to the company. Since all businesses, including manufacturers, rely on profit margins to survive, each added cost implies an increase in the cost of the product to consumers. As a result, consumers may end up paying more for the same product, which brings the cyber security process back to the mindset of consumers.

Is Hitchiner prepared to address modern cyber threats?

Modern day Cyber-attacks are inevitable. Strengthening the security of Hitchiner networks, systems, and data is one of the most important challenges we face. As a result, Hitchiner’s Security Administrator has implemented a series of steps in assessing, identifying, and creating or updating information security processes. The newly created processes will be implemented over the coming quarters and will include the following:

• Identification and classification of information systems that are essential to Hitchiner’s mission.

• Protecting high value mission essential assets by designing and implementing security controls.

• Detection of cyber anomalies and events through continuous system security monitoring.

• Cyber threat response planning, analysis, mitigation, and continuous system improvements.

• Information system recovery planning, testing, and communication. What can you do to help prevent cyberattacks?

• Be suspicious of unknown links in emails or text messages. Do not click on unknown links or answer strange questions sent via email or to your mobile device, regardless of who the sender appears to be.

• Never open Email attachments from unknown senders. If there is any doubt, contact the sender directly and ask whether the email with the attachment was sent from them.

• Verify requests from companies or individuals by contacting them directly. If you’re asked to provide personal information via email, you can independently contact the sender to verify the request.

• Do not give out personal information over the phone or in an email with attachments. Social engineering is a process of deceiving individuals into providing personal information to seemingly trusted agents who turn out to be malicious actors.

If contacted over the phone by someone claiming to be a retailer or business partner, do not give out your personal information. Ask them to provide you their name and a call-back number. Just because they may have some of your information does not mean they are legitimate.

• Pay close attention to website URL’s. Pay attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users. Cyber security threats are real. A single breach destroys the perception of trust and rapport with consumers, and manufacturers could lose vital information about key manufacturing processes, especially confidential information. By understanding the need for cyber security and how to monitor, create, analyze, and implement cyber security measures, customers and the manufacturer can attain peace of mind in the ever-increasing, digitally-connected world of manufacturing.