The ongoing pandemic has given a huge impetus to online transactions. Cyber attackers have been quick to latch on to this opportunity, and an 86 per cent increase in cyber crime has been reported during the lockdown in India. Electronics companies relying on software in the IIoT, Industry 4.0 and IoT era, must now ensure a good system is put in place to prevent cyber attacks from disrupting their businesses.
By Nijhum Rudra
With online transactions becoming the order of the day, cyber attacks have become pretty common and are making headlines quite frequently. While the effects of cyber attacks on various industrial IT systems, financial services, healthcare, and government administration are well-known, there are loads of less well-known implications too. Recently, the WannaCry ransomware attack crippled much of the UK’s National Health Service and also led to a Honda manufacturing plant in Japan stopping production. Back in 2017, the Petya cyber attack immobilised a large number of industrial companies, of which many were in the electronics and IT domain. For the past few years, cyber threats to electronics manufacturers have escalated tremendously. The state-of-art Stuxnet-style attacks as well as ransomware attacks have become common. Cyber attacks on electronics industrial plants can stop their production and operation by corrupting data, stealing intellectual property, disabling networks and vandalising equipment. The reasons and effects of each attack differ, but they cost both time and money to companies as well as their customers.
As manufacturing becomes increasingly digitised and data-driven, manufacturers will find themselves at serious risk of cyber attacks. Although there has yet to be a major successful cyber attack on a US manufacturing operation, threats continue to rise. The complexities of multi-organisational dependencies and data management in modern supply chains mean that vulnerabilities are multiplying. In spite of the severe implications, manufacturers all over the world are not taking cyber attacks seriously, or feel that they are not in the risk zone and can come out of an attack rapidly, feel experts.
According to an analysis by IBM, security for connected consumer devices gets all the attention. However, electronics companies should also focus on the security for industrial systems used to manufacture components and increasingly high-tech products. The production of ‘intelligent industrial things’ must also factor in effective cyber security, or it can place a company’s entire ecosystem at risk. IBM’s research found that more than 80 per cent of electronics companies are implementing Industrial Internet of Things (IIoT) technologies in plants and assembly lines, without fully evaluating the risks or preparing effective responses. Electronics companies need cyber security capabilities that are contextual, cognitive and adaptive to continuously identify, mitigate and prevent risk.
Top-notch cyber security is extremely crucial for the manufacturing supply chain as this is integrated, connected and also interdependent. The entire supply chain’s security is actually dependent on the security at the factory level. The growth of smart factories, digital manufacturing and Industry 4.0, along with IoT, escalates this connectedness. The diversity of manufacturers, ranging from large sophisticated firms to MSMEs, increases the risk of vulnerabilities, which can be better managed by private public partnerships. Cyber attacks have increased in various sectors over the past few years.
In spite of the severe implications, there are not many laws in place to control cyber attacks. Dr Karnika Seth, cyberlaw expert, Supreme Court of India, says, “Globally, most countries have cyber legislation by now. What they need to gear up with is the enforcement mechanisms to implement these laws. In countries where punishments for cyber attacks are non-deterrent, they must be made a deterrent. For example, in India, hacking is a cognisable offence but a bailable one under Section 66 of the IT Act, 2000. It needs to be made strong enough to deter data thefts in cyber space. In Europe, the General Data Protection Regulation (GDPR) has already been brought into force to protect data of European citizens. In India, a Personal Data Protection bill is expected to be passed soon to strengthen India’s data protection law. India’s national cyber security policy is also under review, and the earlier policy of 2013 will soon be revised.”
Electronics manufacturers are increasingly under threat from cyber attacks. In today’s connected world, a successful attack from a cybercriminal could shut down a plant’s operations or it could start making equipment without the knowledge of managers. Mandeep Arora, MD, Ubon says, “Small and medium businesses do not have very established IT security practices to combat or cope with a cyber incident. This lack of preparedness not only makes it easier for cyber criminals to attack, but also increases the likelihood that impacted companies will experience longer periods of downtime as they scramble to restore operations following a cyber security issue.”
The increase in cyber attacks on online platforms during the pandemic
During the ongoing COVID pandemic, many consumer electronics companies are selling their products online, and online sales have outrun traditional modes of buying. Hence, e-commerce experts feel that the risk of cyber attacks has gone up considerably during the past 3-4 months. Consumer electronics firm Ubon feels that clicking a mouse to make a purchase is hugely popular today than it was a few years ago. This is attracting cyber security attacks and can turn into a big problem for all online businesses, especially in the consumer electronics domain.
Ubon also states that people can order anything online and have it delivered right to their doorstep in the shortest possible time. Online shopping has many advantages, but possesses a few disadvantages too. Every online company works to build its customer’s trust and get loyal buyers. Cyber crime can swiftly dent the reputation and credibility of any company. Cyber criminals generally wait in the background to trap customers rushing to get the best deals. The cyber attacks are directed at customers’ personal data, and a manufacturing company’s intellectual property and physical inventory, as well as its financial assets. Data is considered the prized resource of an organisation. If another company or cyber attacker steals this data, it can lead to great business chaos.
|The challenges and the solutions; what the experts say|
|Dipesh Kaura, general manager, Kaspersky (South Asia)
The challenge that we see is the lack of awareness about the changing threat landscape amongst consumers as well as organisations. During the pandemic we have seen how cyber criminals have tried to attack consumers through various COVID-19 related scams, as well as phishing and social engineering attacks. Organisations, digital platforms and educational portals are being made targets of ransomware, DDoS and zero-day attacks. Newer threat trends include attacks via compromised IoT devices, cloud security vulnerabilities, and use of deepfakes, along with constant evolution of ransomware. According to our recent report, the infamous cyber criminal group, Lazarus, is now operating its own ransomware (known as VHD ransomware) targeting Europe and Asia for financial gains. Cyber criminal groups are now engineering newer and more sophisticated threats, and targeting them at different regions. This has become a growing concern for the cyber security industry across the globe.
|Manufacturers have become more vulnerable to cyber attacks after shifting to cloud infrastructure and services. Depending on the evolving as well as perceived threats, companies have started investing in cyber insurance and deploying a Security Operations Centre to protect data and applications, for immediately detecting and defending cyber attacks. Companies are spending a large amount of money on cyber security to keep their data private. Cyber security defends electronic systems, mobile devices, computers, servers, networks, and data from malicious attacks. If a company is attacked by a cyber crime and uses cyber security in time, then the organisation can minimise the overall impact. This impact includes economic loss, stolen intellectual property, damaged reputation, disrupted business, etc.|
|Due to the pandemic, the global manufacturing and supply chain operations have been disrupted and businesses have suffered a setback. There is increased pressure on IT teams and global manufacturing companies to conduct their business electronically, and protect their confidential data and security from cyber attacks. Global companies are investing on building robustness and resilience in their IT Infrastructure and training their manpower and IT teams. In India, an 86 per cent rise in cyber crime has been reported during the lockdown with an exponential rise in ransomware attacks, phishing attacks and data thefts through fake links, apps, ads, websites and social engineering attacks. Many companies are deploying VPNs and DLP (data loss prevention) solutions and shifting to dedicated cloud servers for better cyber security. Moreover, global companies are shifting their base from China to Vietnam and India and other locations. As per the International Telecommunication Union’s (ITU) cyber security index 2018, most countries across the world have cyber legislation, about 50 per cent have CERT (computer emergency response team) for incident response, and 66 per cent have received cyber awareness training. Going forward, cooperation and collaboration will play a major role in enhancing cyber security efficiencies across the globe. Different stakeholders need to collaborate on best practices to prevent and combat cyber security threats including the Central government, the private sector, academia, civil society, and international organisations.|
According to Dr. Karnika Seth, as per the Ministry of Home Affairs, there has been an 86 per cent rise in cyber crimes during the COVID lockdown. There have been various advisories issued by the Indian government to alert people about rising cyber crimes and best practices to prevent these attacks. There are reports with respect to hacking attempts through video conferencing platforms, fake apps, and technical glitches and loopholes in security. Various advisories have been given in this respect during the lockdown. Industry bodies such as DSCI (Data Security Council of India) also came out with advisories, and I have conducted a series of cyber-safety awareness webinars for industry bodies like NASSCOM, ASSOCHAM, FICCI and CII, IESA, as well as government bodies, for best practices of cyber security while working from home. As businesses shifted their operations online and employees began working from home, the sudden transition required handholding and advice on ensuring best practices were adopted while working from home.
Cyber security firm Kaspersky states that digital transactions in the country have witnessed a two-fold increase in the last few months. Online transactions and shopping, as well as e-learning have been encouraged by the government in order to maintain physical distance amongst people and children. Cyber attack risks have increased drastically during this period with a sharp rise in the attempts by cyber criminals to attack consumers through various COVID-19 related scams, as well as phishing and social engineering attacks.
Dipesh Kaura, general manager, Kaspersky (South Asia), says, “Our research reports show that attackers have been working on a new way to steal online credentials, such as payment details on online shopping websites by using the Web skimming method. In this method, attackers inject pieces of code into the source code of the targeted website to extract the data inputted by visitors on this site. Often, to conceal the fact that the Web page has been compromised, attackers register domains with names that resemble popular Web analytics services, such as Google Analytics. About twenty-four online stores worldwide have been compromised recently using this method.”
According to Kaura, there have been various pandemic related online scams to target consumers. These include fake pandemic map websites which were an attempt to steal sensitive data, phishing emails related to coronavirus information including malware disguised as attachments, fake online shops and services selling essential coronavirus products, and hackers targeting organisations while their staff work from home.
Global authorities like Interpol and national bodies like Cert-In have been proactive in issuing statements and advisories when cyber scams related to the virus or other emerging threats are brought to their attention by cyber security companies like Kaspersky. These authorities are also individually tracking and following suspicious cases as a regular practice to prevent the spread of such threats.
According to the IBM cyber security report, 82 per cent of electronics companies surveyed are deploying IIoT technologies without fully evaluating the risks, while 91 per cent do not perform regular IIoT cyber security assessments. This means that 82 per cent of electronics companies do not have formally established IIoT cyber security programs.
The different kinds of cyber attacks on the electronics manufacturing industry
Cyber threats are constantly evolving, and getting more complex and sophisticated in nature. This is definitely a challenge, and there is a need to fight these cyber criminals in order to mitigate risks as much as possible. The major kinds of attacks are listed below.
Data leaks: Electronics manufacturers store a vast amount of classified data in their systems, such as current and upcoming projects, financial documents, blueprints, and so on. Hackers, especially from rival companies, are very well aware of these documents, which if leaked, pose a great danger to these businesses.
IoT and connected manufacturing: Smart manufacturing is the new mantra of every industrial sector, where the supply chain and shop floor get interconnected for speedy production. But this also augments the risk of cyber attacks at various levels. A lone cyber threat or malware attack can have a serious impact on the entire manufacturing plant.
Phishing: This is quite common in manufacturing plants, and happens when attackers create emails and trick users to reveal important information such as passwords and project details. These emails target a vulnerable audience and can be identified with subjects such as ‘Dear valued customer’. Many small manufacturing plants tend to fall into this trap.
IP theft: The major asset of any industrial manufacturing unit is its intellectual property, which if hacked could severely damage its reputation and financial property. Though companies make strict rules about the information their employees can share with external sources, IP theft can happen even due to cyber attacks —be it insider threats or data leaks.
The possible solutions
Speaking of the overall cyber security challenges the electronics manufacturing industry is facing these days, various cyber security experts opine some possible solutions that could curb these attacks to a larger extent. The Computing Community Consortium advises that there should be a public private partnership focused on supply chain cyber security. Specific tasks for such a partnership should include:
- Develop a national strategy for strengthening cyber security. This should identify and coordinate existing public and private efforts as well as add resources to address the diverse testing, training and R&D needed to meet the challenges in ensuring security.
- Accelerate the application of existing cyber security technologies and practices to manufacturing, to lower the risks of cyber attacks.
- Support the manufacturing sector’s Information Sharing and Analysis Centres (ISACs) and Information Sharing and Analysis Organisations (ISAOs).
- Set up cyber ranges and test beds to:
- Ensure comprehensive testing for vulnerabilities, and effective patching in components, equipment, software, and other aspects of networked cyber-physical systems (CPS)
- Act as sandboxes to test new ideas safely and securely
- Provide ‘cyber autopsy’ capabilities, and
- Promote the creation of standard models for Operations Technology (OT) systems
Cyber security solutions provider Kaspersky states that its researchers are constantly tracking the activities of cyber criminals. Its Global Research and Analysis Team (GReAT) is working very hard to understand the new techniques that cyber criminals are using across the globe. This intelligence from GReAT helps them create innovative solutions that can fight against these cyber threats and mitigate risks as much as possible.