Security Trends in 2022: Industry 4.0, Automotive all in Radar!

0
286

Relying on technologies seems to be the form of business processes. With every business scaling their infrastructure, Oops! I mean technology infrastructure the scene of modern technology is indeed defining new opportunities and as well as challenges. The sudden pandemic set an alarming change on how employees continued their work processes and built future teams and success stories. According to a latest survey by Gartner, the percentage of employees working remotely has increased from 30% to 48% after the pandemic, and another Gartner report indicates that 74% of the companies consider to let (at least part of) their workforce remain remote permanently. From infrastructure to work desks and remote working to VPNs all seems to be at growing risk as the Security breach raises frequent buzz over global companies and their businesses. It’s worth noticing that not only do cybercriminals utilize fake e-mail domain that mimics the real one, but 98% of malicious e-mails are text-only, so that firewall or other defensive mechanism cannot filter them out. Many has also pointed out that a great number of phishing e-mails are COVID-19-related.

Supply Chain Attacks

The devastating SolarWinds cyberattacks gave us a bitter example of advanced and sophisticated security systems and services can also be prone to attack. Though breaching through legitimate third-party processes is something that’s not new but ahead fragile security preferences. Lateral movement, privilege escalation, command and control, malware deployment and data exfiltration others are key aspects where supply chain attacks has been facing the turmoil. Strong security protection is no longer enough for organisations when attackers have already shifted their attention to suppliers. This is evidenced by the increasing impact of these attacks such as downtime of systems, monetary loss and reputational damage. Supply chain attacks are now expected to multiply by 4 in 2021 compared to last year. Such new trend stresses the need for policymakers and the cybersecurity community to act now. This is why novel protective measures to prevent and respond to potential supply chain attacks in the future while mitigating their impact need to be introduced urgently.

Cybersecurity is Not Enough for Tackling Supply Chain Attacks, Why is a Good Level of Cybersecurity Not Good Enough?

Composed of an attack on one or more suppliers with a later attack on the final target, namely the customer, supply chain attacks may take months to succeed. In many instances, such an attack may even go undetected for a long time. Similarly to Advanced Persistence Threat (APT) attacks, supply chain attacks are usually targeted, quite complex and costly with attackers probably planning them well in advance. All such aspects reveal the degree of sophistication of the adversaries and the persistence in seeking to succeed.

The report reveals that an organisation could be vulnerable to a supply chain attack even when its own defences are quite good. The attackers explore new potential highways to infiltrate organisations by targeting their suppliers. Moreover, with the almost limitless potential of the impact of supply chain attacks on numerous customers, these types of attacks are becoming increasingly common.

In order to compromise the targeted customers, attackers focused on the suppliers’ code in about 66% of the reported incidents. This shows that organisations should focus their efforts on validating third-party code and software before using them to ensure these were not tampered with or manipulated.

For about 58% of the supply chain incidents analysed, the customer assets targeted were predominantly customer data, including Personally Identifiable Information (PII) data and intellectual property.

For 66% of the supply chain attacks analysed, suppliers did not know, or failed to report on how they were compromised. However, less than 9% of the customers compromised through supply chain attacks did not know how the attacks occurred. This highlights the gap in terms of maturity in cybersecurity incident reporting between suppliers and end-users.

Automotive Hacks

In 2022 the automotive industry might have to face the security breach heat in a complete new avatar. With more connected vehicles running on roads and the demand seemingly to inflate, the rush towards this transition is indulging huge risks over Automotive systems – no matter how advanced it is or sophisticated it can be named! As vehicle technology continues to develop, car dealerships will be dealing with a whole new line of problems, especially as more and more people switch over to driverless cars that require much-complicated technology to work. This leaves modern cars open to many security vulnerabilities or cyber threats that could lead to the driver being at serious risk while driving.

Some of the risks posed to modern vehicles include:

  • Identity/personal information theft: Owner details, GPS logs, credit cards, etc
  • Unauthorised access: Keyless door entry system through mobile apps or electronic key fobs
  • Creation of mobile bots: Large number of vehicles could be excellent candidates for bots, which can be used to launch cyber attacks.
  • Installation of ransomware: Victims must pay money to regain control of their vehicles – References: https://www.futurelearn.com/info/courses/basics-of-automotive-cyber-security/0/steps/90218)

Some Interesting Reports on Automotive Security Breaches

Over 40 percent of all auto cybersecurity issues are associated in some way to back-end application servers. According to various studies, automakers could lose approximately $1.1 billion for a single attack. Collectively, the entire automotive industry is estimated to lose up to $24 billion before 2023. Those most impacted as of today are fleet operators, Tier 1 suppliers, and car-sharing companies. There is, however, hope that by implementing multi-layered security, the transport sector can survive the onslaught of cybercriminals in the long run. One key multi-layered security approach is automotive cloud security.

Integrating AI with Cybersecurity

In recent years, there has been a dramatic increase – 15% to 21%, according to various estimates ­– in security breaches. Leading platforms such as Facebook, Twitter, and Yahoo have become victims, compromising millions of dollars’ worth of users’ data. In this scenario the question arises who is responsible for these growing cyberattacks. Data collection and AI algorithms are becoming the cornerstone of the cybersecurity industry. Automated decision-making and evaluation processes provide a wider range of protection from malicious activity than legacy solutions. For instance, AI can be proactive and monitor devices for suspicious activity, instead of relying on slowly updated malware databases.

Gartner, one of the world’s leading research and IT companies, predicted that 60% of digital businesses could suffer major losses due to the inability of their security teams to manage digital risks.

After the high-profile security breaches of the past two years, businesses are becoming more aware of risk-management techniques. In fact, 79% of global executives of companies rank cybersecurity risk management as one of their top priorities.
Artificial Intelligence has been a helpful tool in ensuring integrity by detecting threats at scale, e.g., detecting Zero-day attacks before they happen. AI leverages Machine Learning to process vast amounts of data to identify threats more effectively than previous technology the cybersecurity industry has offered over the past few decades.

Industry 4.0 and Cybersecurity – A Term Defining The Automated Factories

Cyber-physical systems are simply a new generation of integrations of physical processes with computation and networking processes. This is integrating cyberspace with the physical world. Cyberspace refers to the widespread interconnected digital technology characterized by communication and computing infrastructure.

Cyber-Physical Systems have numerous applications in the following sectors; manufacturing, energy, infrastructure, consumer, communication, military, robotics, smart buildings, healthcare, infrastructure, and From the perspective of a practitioner (a manager, engineer, cybersecurity expert) in an evolving manufacturing industry, it is worth noting that the integrated and distributed nature of Industry 4.0 makes it impossible to completely secure a business from cyber-threats due to a number of reasons:

  1. Data sharing: With Industry 4.0, sharing of data and intellectual property is done across supply chains and various stakeholders. Systems are being integrated between consumers and suppliers. Data is distributed all through the systems, which means a greater security scope.
  2. Points of attack: Since these systems involve a number of stakeholders in the value chain as well as consumers, the number of user access points drastically increases. These access points are possible points of attack. The more points of attack to cover, the harder (and more expensive) it becomes to secure the whole system.
  3. Convergence of Information Technology and Operational Technology: Software and hardware boundaries are blurred. To secure these Industry 4.0 systems from end to end, it is important to consider the digital components as well as the physical ones. The methods previously used such as anti-malware, intrusion detection systems, and firewalls may fall short of the mark when involving software and different types of hardware systems.
  4. Playing catch-up: Even prior to Industry 4.0, cybersecurity threats tended to be one step ahead of potential solutions or preventive measures. It is common to set up preventive measures in a private network such as firewalls and intrusion detection systems that react to new threats that bypass such measures. However, with Industry 4.0, given the systems cut across industries and have possibly thousands of different devices and networks interacting with each other, the types of threats to anticipate increase. The possibility of new threats increases exponentially. For example, emerging threats may target a specific device among thousands in a network. This is incredibly difficult to anticipate. transportation among others.
  5. Industry 4.0 and Cybersecurity: Vulnerabilities

We won’t go into the details here, but Trend Micro’s report has fantastic depth and dives into a number of Industry 4.0 cyber threats, including:

  • Longer Equipment Life Cycles
  • Pervasiveness of Network Worms
  • Autorun Detections
  • Targeted and Opportunistic Campaigns Against the Manufacturing Industry
  • OT Network Threats (including ICS vulnerabilities)
  • IP Threats (including malicious CAD files and poor configurations)
  • Underground Activities Related to the Industrial and Manufacturing Sectors