Prolific Manufacturing Cyber Attacks and What We Can Learn from Them
There are many reasons cyber criminals target manufacturing companies, the initial reason is that they’ve so far been relatively easy to breach – that, and the potential pay-out.
Back in 2021 – Dark Reading wrote an article stating that one in five manufacturing firms had been targeted by cyber-attacks. Their Manufacturing Cybersecurity Threat Index report, consisting of survey responses from 567 manufacturing employees, confirmed that nearly a quarter of firms are attacked weekly, and more than a third are attacked every month.
In 2020 it was reported that the average ransom paid by manufacturers had tripled to $312,000, and 2020 saw a huge ransom paid of $10 million!
Yet these numbers are likely conservative.
With technology solutions leading the manufacturing business forward, having effective cyber security solutions and processes in place is key.
Phishing is cited as the most common cause of cyber-attacks, so it’s crucial to ensure your staff are trained on spotting and preventing a phishing attack. Malware is the second most successful attack, followed by internal threats; because whether deliberate or accidental, your staff are the third biggest threat to your manufacturing business.
So what can we learn from the top 3 most prolific manufacturing industry cyber-attacks?
Austrian Aerospace component manufacturer FACC AG - Whaling Attack
In 2016, cyber criminals/threat actors infiltrated the FACC network to launch a “whaling” campaign affecting Austrian Aerospace component manufacturer FACC AG’s C-suite and accounting departments.
By successfully impersonated the CEO, these threat actors were able to instruct FACC’s Accounts Team to complete an ‘acquisition’ by transferring $55.8 million. The transfer was complete (to the criminal’s account), before anyone realised it wasn’t an authentic request.
In this case a Chinese citizen, who received $4 million, was arrested in Hong Kong after allegedly laundering the dirty money. Following the cyber attack, FACC fired both their CEO and CFO, they then sued their executives for $11 million claiming they failed to protect the company. It’s estimated that the entire event ended up costing $61 million.
Multinational Aluminium Manufacturer Norsk Hydro – Ransomware Attack
In 2019, multinational aluminium manufacturer Norsk Hydro was forced to close multiple plants following their well-documented LockerGoga ransomware attack.
With operations in 40 countries, this devastating ransomware attack compromised many IT systems in many business functions, including smelting plants in Norway, Qatar, and Brazil.
In 2022 there are still many details about this attack that are undisclosed and unknown, but it’s widely believed that the cybercriminals either purchased credentials on the dark web or they used credentials collected from a previous phishing attack.
With an estimated cost to Norsk Hydro of $75 million, it’s a record-breaking breach.
Automotive manufacturer Renault-Nissan – Ransomware Attack - WannaCry
Building and selling one in nine automobiles worldwide, Renault-Nissan is the huge automotive manufacturer multinational. Just a few years ago in 2017, Renault-Nissan were one of the five high profile victims of a devastating WannaCry ransomware attack. This huge cyber assault stopped production at five plants in England, France, Slovenia, Romania, and India.
Strategically deployed on a Friday to take advantage of reduced staff levels, this attack was devastating. Once discovered, Renault Nissan disconnected infected plants the from the main network in an attempt to quell the spread of the infection. By the following Monday, all plants were operational, but the true impact of the attack has, so far, never been disclosed.
Renault have also declined to disclose how the attack occurred or the costs incurred.
Estimates vary regarding the true amount of damage that WannaCry inflicted worldwide, but losses have been speculated as $4 billion.
There are two main lessons to take from these attacks, the first is never to assume that your business won’t be a profitable target for cybercriminals. Every business is a potential victim. The second lesson is to ensure your staff and users are well trained and regularly tested in how to recognise and protect you from phishing emails, whaling attacks, and malicious links.
The Onyx IT cyber security experts have been working with manufacturing clients for many years now, so get in touch to better understand how at risk your business is, and just what processes and solutions will bolster your cyber defences.
Ensure your business isn’t the next manufacturing cyber-attack headline.
Topics: Managed IT Support, Onyx IT, Managed IT Services, cyber security
T: 01603 414142
E: getintouch@onyx-it.co.uk
Onyx IT has been supported by New Anglia Local Enterprise Partnership through the Growing Business Fund