Recent Cyber Attacks
- Ransomware attack on Jabil. In March 2023, the contract manufacturer Jabil was hit by a ransomware attack that encrypted its data. The attack forced Jabil to temporarily shut down its operations.
- Data breach at Rockwell Automation. In February 2023, the industrial automation company Rockwell Automation was hit by a data breach that exposed the personal information of over 100,000 employees. The breach was caused by a security vulnerability in the company’s cloud-based platform.
- Phishing attack on Siemens. In January 2023, the industrial conglomerate Siemens was targeted in a phishing attack that allowed the attackers to gain access to employee email accounts. The attackers then used the compromised accounts to send phishing emails to other employees, which led to further data breaches.
- Data breach at Johnson Controls. In December 2022, the building technology company Johnson Controls was hit by a data breach that exposed the personal information of over 80,000 employees. The breach was caused by a security vulnerability in the company’s cloud-based platform.
- Ransomware attack on Honeywell. In November 2022, the industrial conglomerate Honeywell was hit by a ransomware attack that encrypted its data. The attack forced Honeywell to temporarily shut down its operations.
- Data breach at Emerson Electric. In October 2022, the industrial conglomerate Emerson Electric was hit by a data breach that exposed the personal information of over 60,000 employees. The breach was caused by a security vulnerability in the company’s cloud-based platform.
- Legacy systems: Many manufacturing plants rely on legacy systems that were not designed with cybersecurity in mind. These systems can be difficult to secure and update, making them a prime target for cybercriminals.
- Operational technology (OT) systems: OT systems are used to control and monitor industrial processes. These systems are often connected to the internet, which makes them vulnerable to cyberattacks.
- Remote work: The increasing popularity of remote work has made it more difficult for manufacturers to secure their networks. Remote workers may not be using the same security measures as on-site employees, making them a target for cybercriminals.
- Supply chain attacks: Cybercriminals may target a manufacturer’s suppliers or partners in order to gain access to the manufacturer’s systems.
- Ransomware attacks: Ransomware is a type of malware that encrypts a victim’s files and demands a ransom payment in order to decrypt them. Ransomware attacks are a growing threat to the manufacturing industry, as they can disrupt production and cause financial losses.
- The Cybersecurity Maturity Model Certification (CMMC). The CMMC is a cybersecurity framework developed by the U.S. Department of Defense (DoD) for defense contractors. The CMMC has five levels of compliance, with Level 3 being the minimum requirement for most defense contractors.
- The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The CSF is a voluntary framework that organizations can use to improve their cybersecurity posture. The CSF provides a set of guidelines and best practices for managing cybersecurity risk.
- The International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001. ISO/IEC 27001 is an international standard for information security management. It provides a comprehensive set of requirements for organizations to protect their information assets.
- The Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS is a set of security standards for organizations that process, store, or transmit payment card data. It applies to all organizations that accept, process, store, or transmit payment card information, regardless of their size or industry.
Our client faced cybersecurity threats across its factory floor setup: CNC controllers, shared computers for internet browsing, and a flat network architecture.
Their challenges included the risk of malware and phishing attacks on shared computers, the potential for unauthorized access or tampering with CNC controllers, and the vulnerabilities of a flat network where a breach in one area could expose the entire network.
To address these challenges, we crafted a comprehensive and customized cybersecurity strategy:
- Network Segmentation: We moved away from the flat network architecture and implemented network segmentation. This restricted potential breaches to limited segments, preventing wide-scale network compromise.
- Industrial Control System (ICS) Security: We enforced ICS security for the CNC controllers, including real-time monitoring and intrusion detection to prevent unauthorized access or manipulation.
- Web Content Filtering: We installed web content filtering on shared computers, limiting access to potentially harmful sites and reducing the risk of phishing and malware attacks.
- Endpoint Security and Antivirus: We implemented advanced endpoint security and antivirus software on all shared computers to provide robust protection against malware.
- Security Awareness Training: We conducted comprehensive training for all staff, teaching them to recognize and avoid common cyber threats, contributing to a human firewall against cyberattacks.
The firm now operates with a robust security infrastructure that protects its critical manufacturing processes and its intellectual property, and it takes proactive steps to enhance its cyber defenses.