
Using Microsegmentation to Mitigate Manufacturing Cyber Attacks

By Peter Smith, Founder and CEO — Mar 26, 2019

In a 2018 cybersecurity report, the Engineering Employers Federation (EEF) revealed that 48% of manufacturers had suffered a cybersecurity attack. The report cited poorly protected office systems as the easiest form of attack due to the legacy nature of these IT assets in manufacturing businesses. Verizon’s Data Breach Investigations Report (DBIR) identified 71 confirmed manufacturer data breaches in 2018 alone. The report noted a substantially higher occurrence of targeted attacks against manufacturers (86%) compared to all-industry data. Attackers primarily targeted personally identifiable information (32%), trade secrets (30%), and credentials (24%). Nearly half of successful breaches (47%) involved theft of intellectual property to gain a competitive advantage. The US National Center for Manufacturers Sciences (NCMS) states that 21% of manufacturers have lost intellectual property due to cyber attacks, with 90% of stolen data being considered secret or proprietary. The Manufacturers Alliance for Productivity and Innovation (MAPI) reported that 38% of breached manufacturers suffered losses greater than $1 million, while the U.S. NCMS estimated manufacturing-industry breach costs to total between $1M and $10M.

While theft of data and intellectual property is a primary driver for cyber attacks against manufacturers, there are certainly incidents targeting industrial control systems (ICS). The EEF report noted a “particularly pertinent example” that occurred in 2014 when a steel mill in Germany was catastrophically physically damaged due to a cyber attack. The attacker obtained access to the mill through the business administration network then pivoted to interconnected control networks, later taking advantage of ICS vulnerabilities. In June of 2017, Honda Motor Company halted production in a domestic vehicle plant due to WannaCry ransomware. At the same time, computer chip maker TSMC halted chip production, costing roughly $250 million in losses, after WannaCry infected unpatched Windows 7 machines. Weeks later, A.P. Moller-Maersk halted shipping operations, costing the company $200 million after NotPetya spread through IT and operational systems, forcing the reinstallation of 45,000 PCs and 4,000 servers.


Prevent lateral movement with microsegmentation

Multiple cybersecurity reports from professional organizations in the manufacturing sector corroborate Verizon’s findings that most cyber attacks against manufacturers focus on stealing intellectual property. The reports also highlight a common pattern used by attackers to enter manufacturer networks — the attackers enter through vulnerable IT systems and move laterally to their ultimate target: the data.

Preventing lateral movement is a primary use case for network segmentation and microsegmentation. Edgewise offers distinct advantages to manufacturers based on our ability to:

  1. Protect desktop and server assets;
  2. Prevent spread of zero-day malware; and
  3. Isolate IT systems from operational systems.

Isolating IT systems from operational systems has been a persistent challenge for manufacturers using traditional segmentation models, which place protected objects within a segment. With Edgewise, manufacturers can invert the model by placing insecure IT systems within a segment to restrict their outbound access to control systems based on secure software identity. In doing so, manufacturers both prevent attacks between IT systems and insulate their operational systems from insider threats, malware, and malicious actors originating from IT systems.
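
The inverted model described above can be sketched as a default-deny policy attached to the IT segment and keyed on software identity rather than address alone. This is an added illustration, not Edgewise's code or API: the subnets, the `fingerprint`, `Flow` and `decide` names, the use of a SHA-256 of the executable as "identity", and the sample flows are all assumptions constructed for the example.

```python
import hashlib
import ipaddress
from dataclasses import dataclass

# Constructed address plan (assumption): the IT segment is the one fenced in.
IT_SEGMENT = ipaddress.ip_network("10.10.0.0/16")
OT_SEGMENT = ipaddress.ip_network("10.50.0.0/16")

def fingerprint(image: bytes) -> str:
    """Stand-in for software identity: SHA-256 of the executable image."""
    return hashlib.sha256(image).hexdigest()

# Constructed process images; a real deployment would measure them on the host.
HISTORIAN_CLIENT = b"historian-client 4.2 (constructed sample)"
UNKNOWN_BINARY = b"unrecognised executable (constructed sample)"

# Default deny: only these (identity, destination, port) tuples may leave IT.
ALLOWED = {(fingerprint(HISTORIAN_CLIENT), "10.50.1.20", 443)}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int
    image: bytes  # executable that opened the connection

def decide(flow: Flow) -> str:
    src = ipaddress.ip_address(flow.src)
    dst = ipaddress.ip_address(flow.dst)
    if src not in IT_SEGMENT:
        return "out-of-scope"  # the policy is attached to the IT segment only
    if dst not in IT_SEGMENT and dst not in OT_SEGMENT:
        return "out-of-scope"  # other egress is handled by separate controls
    key = (fingerprint(flow.image), flow.dst, flow.port)
    return "allow" if key in ALLOWED else "deny"

if __name__ == "__main__":
    samples = [
        Flow("10.10.3.7", "10.50.1.20", 443, HISTORIAN_CLIENT),  # known software
        Flow("10.10.3.7", "10.50.1.20", 443, UNKNOWN_BINARY),    # same host, other binary
        Flow("10.10.3.7", "10.10.8.9", 445, UNKNOWN_BINARY),     # IT-to-IT lateral attempt
    ]
    for f in samples:
        print(f.src, "->", f.dst, f.port, decide(f))
```

The second sample flow shares its source address, destination and port with the first and is still denied, which is the difference between an identity-based rule and an address-based one.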

Written by Peter Smith, Founder and CEO

Prior to founding Edgewise, Peter was on the founding team at Infinio Systems where he led cross-functional strategy for Infinio's products and technology as VP of Product Management. Peter brings a security practitioner’s perspective to data center products with more than ten years of expertise as an infrastructure and security architect of full-service data centers and customer-hosting environments for Harvard University, Endeca Technologies, American Express, Fidelity UK, Bank of America, and Nike.