WhitePaper

Cyber security in the manufacturing industry: A story of a targeted attack

Imagine a competitor releasing your prototype for a rip off price only a few weeks before you were planning to go public. Your investment in (years of) research and development would go to waste.

F-Secure Dec 04th 2018 A-A+

When there is a lot to lose, cyber security needs to be a priority. Like in the manufacturing sector.

Imagine a competitor releasing your prototype for a rip off price only a few weeks before you were planning to go public. Your investment in (years of) research and development would go to waste.

Or, envision a hacker messing with your production systems. Even a short production downtime would cost you millions. And it would take weeks to bring the process back running.

Majority of cyber attacks in manufacturing are targeted

Financial gain (53 %) and industrial espionage (47 %) are the main motives behind cyber attacks on the manufacturing industry. In manufacturing, 86 % of the cyber attacks are targeted.1

Attackers are after a certain goal and keep chasing it persistently. They may perform in-depth research and attempt intruding several systems before you notice anything.

A case study in the process industry

Our eBook presents a cyber attack against a large company in the pulp and paper industry. It pictures a worst case scenario where the attacker is able to get all the way to the production systems.

Although the case is completely fictional, it is based on real experiences of F-Secure’s cyber security consultants. It conveys the intricacy of an industrial cyber attack and the pain points of a defending company.

Complexity – a curse or a blessing?

The complexity of manufacturing plants and systems adds challenge to cyber security management. For an attacker, this is a bliss as it leaves several loopholes available for probing.

Our case example shows that preventing targeted cyber attacks is, unfortunately, close to impossible. Your best shot in fighting these attacks are detection and response tools. They allow visibility to events in the network and can cut the progress of attackers short. Before they enter your critical production systems.

Chain of events in an ICS attack

"But they needn’t have worried – Pulp Global had no network level visibility and very limited host level visibility. The attackers could have run nearly any tools, no matter how noisy, without a significant risk of getting caught. The truth was, Pulp Global had no idea what was happening inside their networks."

Read the eBook to learn about the methods attackers use to sneak past your defensive barriers, find out what happens in a full-blown ICS attack and get a comprehensive understanding of cyber security challenges in manufacturing. Don’t forget to sign up for our newsletter for practical tips on how to improve your cyber security and threat detection capabilities.