Beacon Beacon Beacon Beacon Beacon

IRDAI LICENSE NO: 320 CRISIL RATED

Blog

Latest insurances policy and benefits discussion
29 Jun 2017
CYBER ATTACK ON MANUFACTURING/PRODUCTION PLANT
admin

Manufacturers are increasingly being targeted with cyber crimes, not just by traditional malicious actors like hackers and cyber-criminals, but by competing companies and nations engaged in corporate espionage as well. Motivations for cyber attack range from money and revenge to competitive advantage and strategic disruption.

What happens to a manufacturing business when its production operations suddenly grind to a halt? And what are the consequences of being unable to satisfy market demand? In today’s business environment of increased automation, connectivity and globalization, even the most powerful organizations in the world are vulnerable to debilitating cyber-threats increasing the need for cyber insurance. Also, as production spreads across the globe, regional and national politics are becoming an increasingly important factor in corporate and manufacturing policies.

Types of cyber-attack

Traditional attacks -Traditional cyber attacks involve hackers gaining unauthorized access to sensitive systems and data by tricking executives and their staffs into revealing login credentials and other private information, giving cyber attackers’ front-door access to the organization’s systems. For example hackers can infiltrate the manufacturer’s corporate network and install malicious software. This malware allows the attackers to obtain employee log-in credentials, which in turn could be used to target other key systems within the company that contains intellectual property. These cyber attacks target intellectual property related to automotive technology to blackmail the company, or to gain competitive advantage.

Advanced attack– Advanced malware is another type of cyber attack that is becoming increasingly common in manufacturing sector – and becoming increasingly disruptive. In an era of worldwide connectivity when more and more industrial systems are connected to the internet, this malicious software infiltrates weak systems and hardware and then spreads itself to other systems, leaving behind a trail of destruction and disruption.

For Example attackers use a variant of advanced malware to infect multiple industrial plants around the world. Once the infection spreads, the attackers could take control of systems used to monitor and control critical industrial systems such as power plants, and influence their inner workings.

CAAS and Ransomware– Cyber crime-as-a-service (CAAS) refers to organised crime rings offering services such as on-demand distributed denial of-service attacks and bulletproof hosting to support malware attacks, among other things. According to a report, there has been 33% spike in CAAS, and “exploit kits” globally.

Cybercriminals employing ransomware or crypto-ransomware — a sophisticated software that incorporates advanced encryption algorithms to block system files and then hackers ask for ransom money.

For instance a global cyber attack affected over 100 systems of Andhra Pradesh Police and several Indian firms across the country. Operations of two manufacturing firms in Delhi, two South India bank branches, an MNC’s manufacturing unit and a Mumbai-based FMCG company were also hit. There were also reports that the computer virus had brought production to a stop at a Nissan Renault Alliance plant on the outskirts of Chennai, Tamil Nadu. “About 100 systems were attacked.

Insurance Solution-Cyber Liability Insurance

Cyber Insurance covers losses arising from cyber attacks tend to fall into one of two categories-First party losses and Third party losses.

First party losses consist of costs directly incurred by Insured as a result of cyber attack such as costs incurred in connection with extortion money, business interruption, privacy notifications, Public relations efforts, and forensic investigations, restoration of data and ransom/extortions payments.

Third-party losses are liability losses, and include defence costs and indemnity payments in connection with customers’ claims for damages including defence cost and regulatory investigations covered under cyber insurance.

Cyber insurance typically covers expenses related to first parties as well as claims by third parties.

Few Instances of Cyber attack on Manufacturing /Production Plant

In May 2015, two Indian conglomerates were victims of cyber attack and were forced to pay $5 million each in order to prevent hackers from disclosing information that could have implicated them in a wrongdoing. Investigations revealed that the hackers had gotten into the companies’ IT systems two years before but waited for right opportunity. The hackers threatened that both the companies pay the money or the documents and email trail would be leaked to the public. Eventually, both companies paid the ransom to the hackers.

Damage caused to a blast furnace in a German steel mill

German authorities revealed at the end of 2014 that one of their blast furnaces had been the victim of a cyber-attack. The attackers succeeded in infiltrating into the corporate company network using malware. Then, once inside, they continued to navigate through the network to access the production management system. From there, they were able to destroy several control systems resulting in directly stopping one of the blast furnaces from closing correctly and causing substantial damage to their manufacturing facility.

Armaco

In August 2012, a coordinated “spear-phishing” attack targeted the computer network of Saudi Arabia’s state-owned oil firm, Aramco. This cyber attack infected as many as 30,000 computers and took two full weeks to beat, but it failed to completely shut down the flow of oil, which appeared to have been its goal.

Flame

In May 2012, Russia’s Kaspersky Lab – one of the world’s biggest producers of anti-virus software discovered –a highly sophisticated virus directed at Iran. This virus, Flame – which ran undetected for years – was designed to steal PDF files and AutoCAD drawings. It means, the originator of this cyber attack was after designs, plans and preciously guarded IP data locked inside some of the country’s biggest industrial facilities.

(Disclaimer- Above mentioned report was prepared on the basis of information available in the public domain.)

Leave a Reply

Your email address will not be published.