Hackers look to extort money from factories – Just-in-time manufacturing sector climbs toward the top of hackers’ hit lists

(AP Stock)

EMERY P. DALESIO, AP Business Writer DURHAM, N.C. (AP) 08/09 — The malware entered the North Carolina transmission plant’s computer network via email last August, just as the criminals wanted, spreading like a virus and threatening to lock up the production line until the company paid a ransom.

AW North Carolina stood to lose $270,000 in revenue, plus wages for idled employees, for every hour the factory wasn’t shipping its crucial auto parts to nine Toyota car and truck plants across North America, said John Peterson, the plant’s information technology manager.

The company is just one of a growing number being hit by cyber-criminals looking for a payday.

While online thieves have long targeted banks for digital holdups, today’s just-in-time manufacturing sector is climbing toward the top of hackers’ hit lists.

Production lines that integrate computer-imaging, barcode scanners and measuring tolerances to a hair’s width at multiple points are more vulnerable to malevolent outsiders.

“These people who try to hack into your network know you have a set schedule. And they know hours are meaningful to what you’re doing,” Peterson said in an interview. “There’s only a day and a half of inventory in the entire supply chain. And so if we don’t make our product in time, that means Toyota doesn’t make their product in time, which means they don’t have a car to sell on the lot that next day. It’s that tight.”

He said that creates pressure on manufacturers to make the criminals go away by paying the sums demanded.

“They may not know what that number is, but they know it’s not zero. So what is that number? Where do you flinch?”

Last August at the 2,200-worker Durham transmission factory, the computer virus coursed through the plant’s network, flooding machines with data and stopping production for about four hours, Peterson said.

Data on some laptops was lost, but the malware was blocked by a firewall when it tried to exit the plant’s network and put the hackers’ lock on the plant’s computer network.

The plant was hit again in April, this time by different crooks using new malware designed to hold data or devices hostage to force a ransom payment, Peterson said. The virus was contained before affecting production, and no ransom was paid to either group, he said.

Manufacturers, government and financial firms are now the top targets globally for illicit intrusions by criminals, foreign espionage agencies and others up to no good, according to a report this spring by NTT Security.

A survey of nearly 3,000 corporate cybersecurity executives in 13 countries last year by Cisco Systems Inc. found about one out of four manufacturing organizations reported cyberattacks that cost them money in the previous 12 months.

Since 2015, U.S. manufacturers considered “critical” to the economy and to normal modern life, like makers of autos and aviation parts, have been the main targets of cyberattacks — outstripping energy, communications and other critical infrastructure, according to Department of Homeland Security incident response data. The numbers may be imprecise because companies in key industries often don’t report attacks for fear of diminished public perception.

But attacks demanding ransom against all U.S. institutions are spiraling higher. The FBI’s Internet Crime Complaint Center received 2,673 ransomware reports in the year ending last September — nearly double from 2014.

While manufacturers are increasingly prey to these cyber-stickups, it may just be because criminals are playing the odds and striking as many enterprises of all types as they can across a targeted region, said John Miller, who heads a team at cybersecurity firm FireEye that tracks money-driven online threats.

Attackers “aren’t necessarily going after manufacturing to the exclusion of other sectors or with a preference above other sectors. It’s more that, ‘OK, we’re going to try to infect everybody in this country that we can,'” Miller said.

One high-profile example came in May and June, when auto manufacturers including Renault shut down production after they were swept up in the worldwide onslaught of the WannaCry ransomware virus.

But attackers also are increasingly injecting ways to remotely control the robots and other automated systems that control production inside targeted factories.

The threat of computer code tailored to hit specific targets has been around since researchers in 2010 discovered Stuxnet, malware apparently designed to sabotage Iran’s nuclear program by causing centrifuge machines to spin out of control. Stuxnet is widely believed to be a covert American and Israeli creation, but neither country has officially acknowledged a role in the attack.

Malicious software that attacked Ukraine’s electricity grid last December was built to remotely sabotage circuit breakers, switches and protection relays, researchers said.

Cyberattacks that reach into industrial control systems have doubled in the past two years in the U.S. to nearly four dozen so far in the federal fiscal year that ends in September, outstripping last year’s total, according to DHS data.

“I think the emerging threat you’re going to see in the future now is really custom ransomware that’s going to be targeted more toward individual companies,” said Neil Hershfield, the acting director of the DHS team that handles emergency response to cyberattacks on industrial control systems.

https://www.apnews.com/e316bd63f21a4fd181b3fb4a8dd7a5ba/Take-down:-Hackers-looking-to-shut-down-factories-for-pay

Copyright 2017 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

 

Posted in: Cybersecurity/Cybercrime, Data Security/Data Privacy, Extortion, Victims of Crime

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − one =

Terms of Use for Posting Comments

Terms of Use

This site (the “Site”) is operated and maintained by Law Enforcement Education Foundation, Corporation (“Company”). Throughout the Site, the terms “we”, “us” and “our” refer to Company.  The words “user,” “you” and “your” as used herein refer to you.

Please read these terms and conditions of use (“Terms of Use”) carefully before contributing content. If you do not agree to these Terms of Use, please do not contribute content. Your use of the Site is subject to the Terms and Conditions found here .

By contributing content to the Site, you represent and warrant that you are at least eighteen (18) years old and that you have read and understand these Terms of Use and any amendments thereto and agree to be bound by them. If you are not at least eighteen (18) years old or you do not agree and accept these Terms of Use, you are prohibited from contributing content.

From time to time, we may permit users to submit content to the Site.  You hereby acknowledge and agree that by submitting remarks, comments, suggestions, ideas, graphics, feedback, edits, concepts, comments, photographs, illustrations and other materials (other than personal information and/or registration information) through the Site (individually and collectively, “Submissions”), you (i) grant us a nonexclusive, royalty-free, perpetual, transferable, irrevocable and fully sub-licensable right to use, reproduce, modify, adapt, translate, distribute, publish, create derivative works from and publicly display and perform such Submissions throughout the world in any media, now known or hereafter created, without attribution to you; (ii) grant us the right to pursue at law any person or entity that violates your and/or our rights in your Submissions; and (iii) forever waive any and all of your rights, including but not limited to moral rights, if any, in and to your Submissions, including, without limitation, any all rights or requirements of attribution or identification of you as the author of the Submission or any derivative thereof.  We reserve the right to remove any of your Submissions from the Site, in whole or in part, without notice to you, for any reason or no reason.

Submissions are made voluntarily. Any submissions which include personally identifiable information are subject to our Privacy Policy found here .  You may not upload or otherwise publish content on the Site that (i) is confidential to you or any third party; (ii) is untrue, inaccurate, false or other than an original work of your authorship; (iii) that relates to or impersonates any other person; (iv) violates the copyright, trademark, patent or other intellectual property rights of any person or entity; (v) contains any content, personally identifiable information or other information, or materials of any kind that relate or refer to any other person or entity other than the provider of the products, goods or services to which the Submission relates; or (vi) violates any law, or in any manner infringes or interferes with the rights of others, including but not limited to the use of names, information, or materials that (A) libel, defame, or invade the privacy of any third party, (B) are obscene or pornographic, (C) are harmful, threatening, offensive, abusive, harassing, vulgar, false or inaccurate, racially, sexually, ethnically or are otherwise objectionable or otherwise contrary to the laws of any place where such Submissions may be accessed; (D) constitute personal attacks on other individuals; (E) promote criminal, immoral or illegal activity; (F) promote or advertise any person, product or service or solicit funds; or (G) are deemed confidential by any contract or policy.

You are solely responsible for any Submissions you make and their accuracy. We take no responsibility and assume no liability for any Submissions posted by you or any third party.

Unless approved by us in writing in advance, you agree not to: (i) provide or create a link to the Site; or (ii) create any frames at any other sites pertaining to any of the content located on the Site.

We reserve the right, in our discretion, to update, change or replace any part of these Terms of Use for Posting Comments by posting updates and/or changes to our Site.  It is your responsibility to check this page periodically for changes.  Your continued use of, and/or access to the Site, following the posting of any changes to these Terms of Use for Posting Comments, constitutes your acceptance of those changes.