Compounding Risks: Cyber Security Concerns for Modern-Day Manufacturers

This article was written and contributed to engineering.com by John Graham, Chubb's Cyber Product Manager for Commercial Insurance.


John Graham, Vice President and Cyber Product Manager of Chubb’s Commercial Insurance unit.

The only constant in manufacturing is change—from how products are produced to the means by which a plant is powered. Industry 4.0 is just the latest iteration of that transformation. With the inception of Industry 4.0, also known as the Industrial Internet of Things (IIoT), the manufacturing industry has become increasingly reliant on interconnected technologies. In turn, this has made manufacturers more efficient and effective—driving down costs, increasing productivity, and standardizing product quality.


However, together with these momentous advantages, Industry 4.0 also has a downside: increased vulnerability to cyber attacks. A 2019 report by Kaspersky Lab, for instance, indicates that nearly 50% of industrial systems display clear evidence of hackers attempting some form of malicious activity. As more and more bad actors target the industrial internet, the manufacturing industry should understand that cyber security concerns need to be top of mind.

Connectivity Breeds Vulnerability

Any information that travels through the internet is susceptible to a cyber attack. For example, when manufacturing data migrates from operational technology (OT) systems on the factory floor to interconnected information technology (IT) systems in the corporate network, new risks evolve. This data is now more vulnerable. Cyber criminals could potentially gain access to intellectual property, shut down systems, disrupt production timetables, and affect product quality.

The Chubb Cyber Index, a database composed of Chubb’s proprietary claims data, also shows that cyber incidents for manufacturers have increased by 147% over the past three years. So, while the prevalence of cyber risks to the manufacturing industry is not new, it’s clear from this continued rise in incidents that cyber risks are not being adequately addressed.

In situations where one manufacturer is connected to other entities within a supply chain ecosystem, the susceptibility to a potential breach is further compounded. Additionally, because supply chains are so vast, there are many possible entry points, and hackers can easily hunt for the weakest link.

Chubb’s data also shows that in 2018, 86% of cyber incidents reported by the manufacturing industry were caused by an individual outside the organization. These bad actors, who often target manufacturers through the industrial internet, aim to find a way through a vulnerable system and into the network of the company perceived to have the deepest pockets, such as an original equipment manufacturer (OEM). The conduit in these scenarios might be an innocuous third-tier equipment supplier to a second-tier component manufacturer that makes products for a key supplier to the OEM. No matter the path, a breach can spread like a virus and has the ability to affect every business within an infected ecosystem.

Jackpot Targets

In terms of the manufacturing industry specifically, the Chubb Cyber Index℠ indicates that ransomware attacks against manufacturers now exceed similar attacks against all other industry segments.

Why? Cyber criminals target manufacturers because they have a high incentive to pay a ransom—if the factory floor shuts down, the entire operation comes to a halt and no money can be made. Furthermore, complex manufacturing systems can be hard to restore—making them appealing to criminals, who can use the length of the outage to demand even higher ransoms. Additionally, robotics, artificial intelligence, and advanced manufacturing techniques have made it harder for manufacturers to securely integrate older legacy systems, which often leaves vulnerabilities. For these reasons and more, according to Chubb, during the past three years, the median costs incurred from a single cyber incident climbed to nearly $400,000—with the high end of the range exceeding seven figures. Such amounts could be devastating to any business.

Unfortunately, ransomware attacks are often just the "tip of the spear" leading to a broader attack—meaning higher costs and the potential for significant business disruption. For example, consider a manufacturing company that experienced a ransomware attack that resulted in the encryption of several servers. Upon remediating the ransomware attack, executives discovered that the hacker had gained access to employees’ personal information and had been secretly mining cryptocurrency in the background of the manufacturer’s system. While the ransomware attack was the event that first caught the company’s attention, they later found out much more was happening behind the scenes. This circumstance is unfortunately not uncommon and highlights the variety of other concurrent issues that a single cyber incident can cause.

Protecting Your Organization

So, what can be done to mitigate cyber security risks? The first step is for manufacturers to adopt an “enterprise-wide mentality”—cyber security is not just an IT issue. All employees have a role to play in assuring a company’s protection.

Preventative measures such as regularly occurring employee education sessions and strong password hygiene can help. It’s important to segment data back-up locations to ensure that not all your data is in one place. Additionally, limit access to these repositories to only those who need it. Strong anti-virus software that can detect a breach is another critical step in mitigating cyber risk.

Existing within a supply chain ecosystem also requires diligence toward proper vendor management. Any third parties that have authorized access to the company’s network can become unwitting avenues of attack. A bad actor who steals any login credentials of the third party could potentially gain access to the company’s network by pretending to be an authorized user.

These and many other measures are critical for companies to implement, but they do not erase the need for a comprehensive cyber insurance policy. Look for an insurance policy that provides a three-pronged approach to cyber risk management: risk transfer, pre-incident mitigation services, and incident response services. There’s no reason to go it alone, especially because many companies that diligently put protections in place still end up succumbing to an attack. It’s difficult to stay ahead of the bad guys. But having a team of expert professionals in your corner can give manufacturers the peace of mind of knowing that they don’t have to navigate a chaotic breach all on their own.

In our intimately interconnected digital world, cyber risks will always be present. However, taking the right steps can help to safeguard your organization.

John Graham is Vice President and Cyber Product Manager of Chubb’s Commercial Insurance unit. He can be reached at: john.graham@chubb.com.