Supply Chains Are a Hacker's Gateway

Many attacks on manufacturers are just the first step in going after even bigger targets.One of the inescapable truths about the industrial sector is that it is usually the ultimate proving ground for product performance. When we look at some of the technologies that have created seismic social shifts, tools like operational software, wireless connectivity and numerous monitoring devices were not ready for the demanding industrial environment right away.When it comes to cybersecurity, that dynamic has done a 180. Hackers initially went after healthcare and financial institutions because they were seen as easy targets with deep pockets that would pay to make the problem go away as quickly as possible. Then 2020 came and put many industries on pause – except for manufacturing. Like moths to a flame, the hackers were drawn to OT networks and found not only a vulnerable target, but a lucrative one. We tackle these issues and many others in this episode with Sam Moyer, MxD’s Lead Cybersecurity Engineer. Some of the topics we discuss include:The lingering (live-off-the-land) nature of many state-sponsored or hacktivist group attacks.Finding the right ways to prioritize cybersecurity in manufacturing, and how the industry works "in it's own time."The disruptive or competitive push that manufacturing is missing.AI, and the potential traps to avoid in eliminating too much human knowledge.Why manufacturers are a target because of who they work with on a regular basis.Improvements in landscape visibility.The rise in frequency of manufactures paying ransomware demands.Navigating the regulatory landscape, and learning from past mistakes.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.