Ensuring safety and security
Published on : Tuesday 02-02-2021
According to a recent report from cybersecurity firm McAfee,
the cost of cybercrime will increase by 50% from the 2018 total and will account for more than 1% of global GDP. In fact the year 2020, already suffering from the consequences of Covid-19, has seen a spurt in cybercrime that is expected to cost over USD 1 trillion. This is caused by a variety of cyber-attacks, ranging from phishing and denial of service to ransomware, spyware and cryptocurrency theft.
If this is the state of crime in cyberspace in general, one can imagine the risks for the industry – the manufacturing and process industry in particular – where the consequences could be much more enormous and severe, going beyond the immediate monetary loss. A case in point is the ransomware attack in February 2020 that caused a US natural gas compressor facility to shut for two days when hackers sent emails with a malicious link – a case of a phishing attack – to gain control of the facility’s information technology system. Later in June 2020, there was a cyber-attack on global automotive major Honda, whose operations at many global locations, including manufacturing plants, came to a halt, crippling computer servers, email and essential systems. Honda went on record stating the incident to be a result of an outside attack, most likely caused by some vulnerabilities exposed as employees were working from home. Such attacks have become routine, the most recent example being on global crane manufacturer Palfinger, where a security breach on January 25, 2021 disrupted IT systems and business operations.
What are the main causes that are responsible for these frequent cyber-attacks on high value targets? According to CybSafe, a British cybersecurity and data analytics company, while the reasons are many, three key factors compromise cybersecurity and increase the likelihood of cyber-attacks on enterprises. The irony is, these are really simple to comprehend and eliminate, just by creating awareness. The first is passwords – too many people are using simple predictable passwords. A little care in using a stronger password can greatly improve security. The second is system vulnerabilities and casualness in dealing with them internally. The third is underestimating the risk of cyber-attack, and unfortunately, everyone’s ability to calculate risk is poor. The common refrain is it does not happen to us.
This edition of Industrial Automation is dedicated to the theme of Industrial Safety and Enterprise Security. Apart from the lead story featuring expert views, there is a large number of articles dwelling on the subject, analysing causes, suggesting solutions, offering remedies and sharing knowledge based on experience. As the CybSafe blog observes, tongue firmly in cheek, good advice exists, but it’s currently tucked away online, not available when and where people need it.
