EfficientIP Vice President Nick Itta discusses why downtime caused by phishing and malware jeopardizes the global manufacturing industry.
By Nick Itta
The Industry 4.0 era has provided manufacturers with the digital capabilities to optimize production processes, making industrial manufacturing and the management of local, regional and global supply chains more efficient and sustainable.
Thanks to connected IoT devices and applications, companies can utilize production and customer data to predict defects before they occur, to manage and expand complex supply networks or even to tailor their production to individual customer needs. While the advancements in manufacturing brought about by Industry 4.0 have enabled corporations to save costs while increasing output and meeting surging demand, this revolution has not come without challenges.
Conscious and eager to tap on these benefits, Southeast Asia governments have rallied policies around facilitating supply chains to be optimized for technology advancements. In Singapore, the manufacturing and supply chain industry has its own Industry Transformation Map, as part of the effort to upgrade existing industries. The map highlighted the use of digital solutions specific to capture growth opportunities leveraging innovation. Part of Thailand’s efforts to digitize its business landscape, the Thailand 4.0, included the implementation of technology in its logistics and supply chain industries. Logistics is one of the industries intended to be the alternative forces for the future Thai economy.
With the growing use of IoT-based applications, many companies in the manufacturing sector have also become increasingly vulnerable to cyber attacks. The COVID-19 pandemic has only exacerbated vulnerability, making it all the more critical for business leaders to understand where their vulnerabilities lie. The Singapore Cyber Landscape Report reported receiving 35 reports in 2019, an increase from 21 cases. Systems affected included gaming, travel and tourism, manufacturing, and logistics.
The interconnected IoT devices, through which critical production data is transmitted, present an attractive attack surface for cybercriminals. Attacks targeting the Domain Name System (DNS) or using it as a vector have become especially appealing amongst threat actors.
Cybercriminals aim to take advantage of the openness of DNS, the system that translates website names into numeric addresses (IP addresses) that are easier for computers to manage. According to the 2020 Global DNS Threat Report, published by EfficientIP and IDC, 75% of manufacturing companies experienced at least one DNS attack last year, and the average cost of each attack hovered around USD 825k. Manufacturing companies who were victims each suffered an average of 10 DNS attacks over the course of the year.
DNS attacks can have a significant impact on production processes and supply chain management. For example, if a large manufacturing company loses access to a supply chain management application, a chain reaction is set into motion that can affect the entire company – its suppliers, and customers. If the product is personal protective equipment or medication set to be distributed to hospitals, the repercussions could be profound. Moreover, according to the study, of all industries surveyed, the manufacturing industry took the longest to mitigate attacks, at nearly seven hours. This not only impacts supply chain, but machinery uptime and physical plant safety.
Some of the more common attack types in the manufacturing sector include phishing (40% of companies surveyed experienced phishing attacks), malware (35%), and DNS amplification attacks (22%). 60% of manufacturing organizations suffered app downtime as a result of a DNS attack, and 52% experienced cloud service downtime. App and cloud downtime has the ability to significantly affect access to data, supply chain logistics and more. Any disruption in these areas could lead to significant reputational damage for enterprises.
Given these statistics, it is clear why over 80% of manufacturing respondents rated DNS security as extremely important or very important. Indeed, the effect of DNS attacks on manufacturing and supply chains can be devastating. DNS is also at the heart of data privacy and regulatory compliance – data exfiltration via DNS often goes unnoticed as the information is hidden in normal network traffic. This is why manufacturing companies that are looking to protect data confidentiality put monitoring and analysis of DNS traffic as their top priority, ahead of adding more firewalls or securing endpoints.
When an attack occurs, there are a variety of countermeasures that organizations can take. Of the manufacturing respondents in the Threat Report, 56% temporarily shut down specific affected processes and connections, and 54% disabled some or all of the affected applications.
Unfortunately, these types of countermeasures can have significant financial and business implications. 43% of respondents were likely to shut down a server or service in the event of an attack, potentially affecting the operations and profitability of an entire manufacturing facility.
Organizations in the industrial sector can take measures to prevent and mitigate against these types of attacks. They should accelerate threat investigation by including DNS security in a security-by-design framework, and should implement purpose-built DNS security with effective auto-remediation capabilities for limiting attack damage and reducing mitigation time. Adding adaptive countermeasures to the mix will help ensure continuity of business and services.
Companies should also rely more on Zero-Trust strategies. In short, Zero Trust helps prevent breaches by using strict access controls and assuming that anyone on the network is not to be trusted, requiring verification before granting access to resources. It is a strategy that can make better use of behavioral analytics to determine who is a likely threat and who is not. Currently, only 17% of manufacturing respondents in the DNS Threat Report use Zero Trust architecture. 23% have piloted it; 27% have not yet explored the option.
As COVID-19 tests the strength of the manufacturing industry, digitization of manufacturing, and automation of processes to meet increased and shifting supply chain demands, the potential attack surfaces will only grow. The time has never been better to strengthen DNS security in the manufacturing sector.
(Ed. EfficientIP VP Sales APAC Nick Itta says he has over 15 years’ experience. Itta says his previous Sales Director roles include Dicom International and Kofax. Featured image by Photographer Oğuzhan Karaca.)