Manufacturers: Hackers Ultimately Aim to Control Your Shop Floor
Neither anti-virus programs nor firewalls are effective at constantly blocking common attacks on the manufacturing industry, says Gerhard Conradie, MD of Evolv Networks.
The manufacturing sector is one of the most frequently targeted industries, as highlighted by the IBM X-Force Threat Intelligence Index 2018.
“Manufacturers experienced 13% of the security incidents in 2017 and slightly more attacks than the number-one targeted industry: financial services.
“And nearly 30% of all network attacks in this sector involved SQLi tactics, many of which could be avoided with better security assessments and controls.”
SQL Injection Tactics
Structured query language (SQL) is used to query, operate and administer database systems such as Microsoft SQL Server, Oracle, or MySQL. SQL injection is a hacking technique that exploits a Web app vulnerability; it has been in play for more than 15 years and is still causing havoc today.
The SQL injection allows a hacker access to the full back-end of the database where they can then take or manipulate any of the data. The attacker deceives the SQL interpreter, so it can no longer differentiate between the attacker’s commands and legitimate commands.
The SQL interpreter therefore executes the commands and the attacker gains access to change, create, read or delete critical data. Security breach ramifications range from an authentication bypass to information disclosure and the spreading of malicious code to all application users.
Common Entry Points for SQL Injection Attacks:
The challenge is that neither anti-virus programs nor firewalls are effective at constantly blocking these common attacks.
Therefore, the best solution for SQL hacker tactics is prevention, which is far simpler and cheaper than recovering after disaster has struck.
Machine control software penetration
Once the IT network of a manufacturing company is infiltrated, hackers can get access to the software that controls machines, exploit a vulnerability remotely and download a tampered configuration file.
The smallest variance in the execution of operational technology can cause manufacturing disruptions. This leads to defective products resulting in recalls and reputational losses, production downtime, physical damage, injuries and even deaths.
A typical manufacturing company’s IT infrastructure is intricate at best, but in general, there are three main systems involved in the production process:
Conradie points out that your vulnerabilities can be approached by cyber criminals in stages, starting from one of the numerous business applications exposed to the Internet and then working towards the ultimate aim of controlling the shop floor. Once a hacker breaches a network, he gains unrestrained access to all manufacturing controllers and their configurations.
Your defence strategy
The greatest risks to your manufacturing business may come down to simple permission errors or server misconfigurations that can be prevented by analysing the threats, understanding the potential impact and defining necessary security controls.
Gerhard Conradie, a certified MCSE (Microsoft Certified Systems Engineer, NT4/2000) and CNE (Certified Novell Engineer, Netware 5), is the MD of the Cape Town-based business IT solutions provider Evolv Networks.