Tracking Cybersecurity Threats in ManufacturingChris Morales of Vectra Discusses the Latest Industrial IoT Attack Trends
With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector based on metadata captured from 4 million devices and workloads from customer cloud, data center and enterprise environments between January and June 2018.
Morales says the problem with IIoT devices is that manufacturing is only just beginning to grasp the scale of connectivity in recent years and how easy it is to infiltrate industrial networks.
"It's relatively trivial for someone to easily, somewhere across the world, infiltrate these networks, sit in there for a long time, propagate against all these machines that are already very connected and very chatty with each other and get data that's already leaving the company," Morales says in an interview with Information Security Media Group.
To adapt to the rapidly expanding attack surface, Morales suggests that manufacturers need to evolve knowledge of their networks to develop a clearer view of where data is residing and moving.
"There needs to be a lot of cultural change," he says. "The biggest thing to me is that they need to make sure they have visibility of what's actually happening inside their networks so they can understand how things are able to spread or move around."
In this interview (see audio link below photo), Morales also discusses:
- The perpetrators of IIoT cybersecurity threats;
- How ransomware is being usurped by cryptojacking;
- The consequences of cybersecurity attacks in manufacturing.
Morales is head of security analytics at Vectra, a San Jose, Calif.-based cybersecurity firm. He designs incident response and threat management programs for Fortune 500 enterprise clients. He has nearly two decades of information security experience in an array of cybersecurity consulting, sales and research roles.