Industrial Internet of Things (IIoT) Focus for Cyber Attackers

Having analysed the existing and emerging cyber threats, Trend Micro has predicted that the Industrial Internet of Things (IIoT) will be the focus for cyber attackers in 2018. This prediction is based on the fact that 2017 saw very successful ransomware campaigns sweep across the globe. Cyber attackers will be looking to build on this ransomware success by targeting a single organisation in an IIoT environment with the aim of disrupting their Industrial Control Systems (ICS) in order to affect the production line.

Disruption of Industrial Control Systems (ICS)

In today’s just-in-time manufacturing sector, cyber attackers are starting to realise that this sector has much to lose if their ICS are compromised, as demonstrated by the following case study:

In 2016 AW North Carolina became victim of a malware attack that infiltrated the transmission plant’s complete network via email. It spread like a virus and threatened to lock up the production line until the company paid the ransom.

“These people who try to hack into your network know you have a set schedule. And they know hours are meaningful to what you’re doing.” John Peterson, the plant’s information technology manager explained in an interview. “There’s only a day and a half of inventory in the entire supply chain. And so if we don’t make our products on time, that means Toyota doesn’t make their product in time, which means they don’t have a car to sell on the lot the next day. It’s that tight.”

He goes on to say that it creates pressure on manufacturers to make the criminals go away by paying the sums demanded.

High profile auto manufacturers such as Renault and Nissan have also been victims to ransomware attacks when they were caught up in the worldwide WannaCry ransomware virus.

Attacks on Industrial Control Systems on the increase

The new shift in cybercrime that we are starting to see is cyber attackers trying to infiltrate factories by remotely controlling robots and other automated systems that control production inside factories. Malicious software that attacked Ukraine’s electricity grid in December 2016 was built to remotely sabotage circuit breakers, switches and protection relays, researchers claim.

According to DHS (Demographic and Health Survey) data, cyber attacks that reach into industrial control systems have doubled in the past 2 years in the US to approx. 50 instances during the 2016-2017 Federal Fiscal year, completely outstripping the year before. These increased instances we believe will also occur in Australia.

As ICS continue to modernise, an increasing number of Internet of Things (IoT) devices are introduced to improve productivity and enhance system control. However, by simplifying process controls, data monitoring and communications with other systems through the use of smart devices, the greater the damage in the event of cyber attack. The result of an ICS attack could mean operational shutdowns, damaged equipment, financial loss, intellectual property theft, and substantial health and safety risks.

Managing IoT devices in the ICS environment can create major challenges in security, as each device will have to be properly defended and secured. Not applying adequate security leaves the entire ICS ecosystem highly vulnerable to attacks.

Industrial sites need to be protected and insure their physical assets and systems against remote, online attacks. With access to a number of insurers providing cover for industrial cyber attacks, Coverforce Leed Insurance Brokers can help your business find coverage for:

  • Cyber loss or damage – covering expenses to restore its network, to restore information stored on its network, or any other data, including physical documents;
  • Business Interruption – coverage for a reduction in business income, expenses in excess of the insured’s normal operating expenses sustained during a restoration period, and forensic investigation costs;
  • Cyber Extortion – extortion money paid to a third party extortionist;
  • PR expenses– expenses required to respond to adverse or unfavorable publicity or media attention resulting from a loss that is indemnified;
  • Cyber occurrence – any loss, event, incident or accident arising out of, directly or indirectly attributable to unauthorized access, virus, denial of service attack or operational error, or a credible threat made by an extortionist, and cyber terrorism can be included as a standard.

Contact Coverforce Leed Insurance Brokers today to find the best cyber insurance solution for your business before the next cyber attack targets your business.