Now more than ever, cybersecurity is extremely relevant for the manufacturing industry. IBM’s X-Force Threat Intelligence Index 2022 report found that manufacturing is the most attacked industry as of 2021, receiving the brunt of 23.2% of the attacks and reaching a global average of $4.24M in data breach costs.
The manufacturing industry lacks cybersecurity maturity, a fact that criminals exploit relentlessly. This is evidenced by the high-stakes burdens placed on supply chains wreaking havoc on the manufacturing industry, which is still recovering from losses caused by the COVID-19 pandemic.
Instrumental to the wellbeing and healthy performance of any manufacturing company, operational technology (OT) supports core-business operations and its safety is essential to ensure sustainable growth and effective means of innovation. For that to happen, cybersecurity needs to be a key, foundational element of any company’s core strategy. High, rigorous security standards and protocols in data, software, and infrastructure coupled with AI-powered solutions allows for process agility and transparency.
Below, we detail one of the most high-profile cybersecurity attacks of recent years to illustrate how severe and crucial it is for manufacturing companies to take their security environment seriously.
Manufacturing under threat
The manufacturing industry is victim to ransomware, server access, BEC and data theft, distributed denial-of-service (DDoS) attacks, credential harvesting, and more.
Next, let’s see a high profile case of an attack in action. As the result of a devastating cyberattack involving the LockerGoga ransomware, Norsk Hydro, a multinational aluminum manufacturer with operations in 40 countries, closed many of its plants and was forced to move others offline. The attack compromised the firm’s IT systems across multiple business functions, including the company’s smelting plants in Norway, Qatar, and Brazil. The total cost is estimated at $75 million.
As exemplified by the Norsk Hydro case, cybersecurity experts assert that cyber criminals are using more ruthless methods to achieve their objectives and the proficiency of attacks is expected to advance as they continue to develop new methods for cyber attacks. For all industries with OT networks ransomware again led the charge for attack types, accounting for 36% of all attacks and echoing the overall attack trend across all industries. While the IT networks were compromised in the vast majority of these attacks, the impact carried over to victims’ operational technology in many of these instances.
Looking at the variety of attacks and the latest cyber criminal developments, the manufacturing industry remains a high-interest target for cybercriminals looking to deploy well-crafted attacks. Cyber attacks are relatively easy for criminals to conduct and are hard to protect against using traditional security technologies.
How can an AI-powered solution advance your Edge/IoT cyber security?
Cyber security is more important than ever before, as the attack surface area has increased due to the latest wave of digital transformation that is enhancing business agility and developing new customer experiences. When it comes to the security of Edge and IoT infrastructures, Artificial Intelligence (AI) and deep reinforcement learning are unmatched.
The AI EdgeLabs platform is embedded with a proprietary network telemetry and monitoring sensor that protects every layer of an Edge and IoT architecture. The AI-powered solution delivers smart means to detect anomalies that signal the presence of threats, threat intelligence software with powerful analytics tools for robust traffic inspection, and swift incident response and remediation.
During its deployment on-premises (on the factory side), the AI EdgeLabs Sensor runs a configurable set of security checks and topology research to collect the initial context of your environment. Data collected from the sensor is analyzed by the AI EdgeLabs platform that provides a set of AI-based models that are pre-trained on the existing knowledge base of threat patterns and attack signatures.
Looking at the graph above, we can see the SCADA power system. The electrical distribution system consists of controllers, sensors, and operator-interface points.
For real-time monitoring and controlling of Programmable Logic Controllers (PLCs), the system uses circuit breakers and power monitors. Data is transmitted from PLCs and other devices to a computer-based SCADA node located on each sub-station.
One or more computers can be located on different points. The AI EdgeLabs Sensor can be implemented on each computer-based SCADA node to protect the whole system. This includes factory machines, HMIs, sensors, and end devices, protecting them from malfunctioning, data modifying, injection attacks such as SQL injection and other forms of advanced malware.
The EdgeLabs Sensor helps:
- Generate near-realtime visibility of infrastructure and application performance;
- Prevent and block threat sources in real-time;
- Integrate cloud-based and on-premises application performance monitoring;
- Monitor SaaS applications from your users’ vantage point;
- Monitor IaaS resources from your users’ vantage point.
The AI EdgeLabs platform equips your security teams with multi-layered threat intelligence software, advanced network visibility, and automated remediation to protect every asset, device, server, or network element of your manufacturing environment.