While efficiency and convenience is captured, manufacturing’s growing reliance on IT systems can be risky business. US National Intelligence Director James Clapper warns that “Russian cyber actors are developing means to remotely access industrial control systems used to manage critical infrastructures,” according to The Week.
Even if you don’t see your organization’s activities as important to national defense, industrial equipment can be at risk from non-state-affiliated hackers. This isn’t just theoretical. According to a German government report, a steel mill suffered “massive damage” when hackers gained control of the facility’s blast furnace as a result of a malware attack. The attack relied on “sophisticated social engineering and spear-phishing tactics,” indicating that IT security policies were either not sufficient or protocols were not followed.
This was hardly the first attack on industrial control systems, as there is a history of malware being successfully used to damage the capabilities of energy sector companies as well as those in the industrial manufacturing sector.
Concern over downtime should dovetail with apprehension over the greater damage that is possible if a hacker takes over your systems. Guarding an organization against such events involves both protecting the IT assets as well as having well-thought-out policies in place that employees follow to the letter, as people are frequently the weakest link.
We haven’t seen the last of damaging IT attacks, and it is likely that wide swaths of the business community are not truly prepared for what they may be facing moving forward.