The threats to corporate IT security are growing rapidly. The manufacturing industry is particularly in the focus of cybercriminals and small suppliers through which the large corporations – especially those in the automotive sector – are supposed to be infected and spied on. According to Symantec, attacks on mobile devices will also increase sharply.
“Compared to the previous year, targeted espionage attacks increased by a whopping 42%,” reports the protection software manufacturer Symantec. “The main issue here is the theft of intellectual property: the attacks are primarily directed against the manufacturing industry (24%) and small and medium-sized enterprises (SMEs).”
“Most attacks are economically or politically motivated.” The aim here is to sabotage the integrity of production processes and products.
The Auto Industry In The Focus Of Cyber Espionage
“As a victim of phishing and virus attacks, the automotive industry ranks first.” “The industry is extremely attractive for hackers: Models and designs are developed years before they are ready for the market, attacks on intellectual property are particularly worthwhile.” However, the risk is particularly great because “the integrity of the components and vehicles produced is extremely important.”
“While many SMEs feel safe, their banking information, customer data, and intellectual property are extremely attractive to cybercriminals.” “The number of web-based attacks increased by 30%, many of them originating from maliciously infected small business websites.” These websites would then be surfed by the company’s larger partner, which is often a supplier, who thereby catches malware:
This “big brother” is the real goal. “This type of attack was carried out very ‘successfully’ by the US Elderwood gang, which infected 500 organizations with espionage software in a single day”.
The manufacturing industry has already made progress in securing its facilities in recent years, but it cannot keep up with the increasingly sophisticated attacks. What is required is “a holistic security system that consists of various components”: “Depending on the requirements of the production facility, this includes encryption and authentication technologies, firewalls, intrusion prevention solutions or gateways.”
Hundreds Of Industrial Plants Are Unprotected
Hundreds of industrial plants are hardly protected from hacker attacks. The Heise-Verlag recently discovered district heating power plants, important data centers, a correctional facility, and a stadium whose industrial controls were connected to the internet without any worries. Heise came across hundreds of publicly accessible IP addresses from virtual control centers “wide open” without effective authentication.
District heating power plants, for example, that supply several thousand residents with heat are among the systems detected. The heat supply could have been paralyzed with a click of the mouse, which would have led to a failure of several hours and considerable property damage.
The financial industry was hit with an above-average frequency of 37% of all data protection violations. This is reported in the current “Data Breach Investigations Report” from the US telecommunications company Verizon. The IBM X-Force locates the origin of these financially motivated attacks in Asia. According to Verizon, state-affiliated companies come in second place (20%). The purpose was to steal intellectual property.
Attacks On Mobile Devices Will Increase Rapidly
Mobile devices are still at risk, especially those with the Android operating system. According to Symantec, malicious mobile code increased by 58% compared to the previous year. “The threat to mobile devices is still rather small, but it is increasing all the time.” “Since NFC-enabled smartphones (NFC: Near Field Communication) and thus payments with mobile devices are becoming increasingly popular, attacks on mobile devices will increase rapidly.” At the moment, attacks on mobile devices are primarily delaware and text was. They aim to call chargeable numbers or to write to expensive shortcode SMS numbers. “We are also seeing an increase in phishing using fake banking apps.”