The manufacturing industry is an important sector for the economy employing one million Australians and accounting for more than 10 percent of the country's economic output. This sector is thus an obvious target for cybercriminals as demonstrated by a recent attack called Nitro which targeted more than 48 organisations involved in the manufacture of chemicals and advanced materials.
Nitro appeared only in recent months but cybercriminals targeting the manufacturing sector is nothing new. According to a survey conducted by Symantec.cloud, there was a 60 percent increase in targeted attacks against the manufacturing industry between 2009 and 2010. In fact, since 2008, the manufacturing sector has been the target of more web attacks than any other industrial sector in Australia.
With cybercriminals increasing their focus on this industry, it is vital for manufacturing companies to understand and tackle the security issues they are facing. The first step in this process comes from understanding where vulnerabilities lie.
The internet threat landscape is evolving rapidly and cybercriminals are finding new ways to attack corporate data by targeting employees via social engineering attacks. 'Social engineering' is the act of manipulating employees into disclosing confidential information or downloading malware and is often used by cybercriminals to bypass an organisation's security systems.
Social engineering attacks are becoming more advanced and trickier to spot. For example, cybercriminals use news events as a way to spread malware. Recently the death of Muammar Gadhafi was the subject of spam emails which encouraged recipients to click on a malicious link. Users who fell for this scam at work downloaded malware to business computers, enabling cybercriminals to access the corporate network.
Email scams are also a common tactic to encourage employees to download malware. For example, the recent Nitro attacks were spread via targeted emails to employees within private manufacturing firms. Cybercriminals researched desired targets, and then sent emails to a handful of employees at each relevant firm.
These emails often purported to be meeting invitations from established business partners, tricking recipients into opening an attachment and enabling malware to enter the business network. Once the organisation was infiltrated, Nitro was able to collect intellectual property such as design documents, formulas and manufacturing processes.
In addition to social engineering threats, mobile devices often create a point of vulnerability. The use of mobile devices is on the rise in the manufacturing industry as many employees work across multiple sites or are often on the road. These employees tend to use personal devices such as tablets or smartphones to access corporate data.
While the use of mobile devices improves productivity in the workplace, a growing concern is undoubtedly the security risks associated with their use. Remote workers accessing the Internet from outside of the company network or VPN can be more susceptible to security risks.
This is because mobile devices are unlikely to have business quality security software installed, making it easy for opportunistic hackers to access business data. Additionally, the use of unsecured networking environments can significantly increase security risks.
How can the manufacturing industry protect itself?
While it is clear that the security threats targeting manufacturing businesses are growing in frequency and sophistication, there are some simple steps that these organisations can take to protect their business data.
- Educate employees: Businesses in the manufacturing sector should keep employees updated on recent security threats and the risks of accessing business data through mobile devices
- Avoid opening unexpected messages from unknown senders: Emails, social networking messages and text messages can be used to spread malware, phishing scams and other threats. Remind employees to use caution when opening unsolicited messages
- Click with caution: Employees should not open unidentified links, chat with unknown people online or visit unfamiliar websites. It doesn't take much for a user to be tricked into compromising a mobile device or a networked computer and enabling malware to enter the business
- Use a reliable security solution: Look for a solution that does more than just prevent viruses. Advanced solutions identify programs that match the software's database of known malware, suspicious e-mail attachments and other warning signs. These solutions can be delivered as a cloud-based service which will automatically provide the most updated threat protection possible.
- Invest in the Cloud: Businesses in manufacturing should consider investing in cloud-based filtering services which stop threats at the internet or email layer, preventing them from entering the business network through networked computers or mobile devices.
[Keith Buckley is Regional Director, Symantec.cloud.]