From "Take Down: Hackers Looking to Shut Down Factories for Pay"
New York Times (08/09/17)
Today's just-in-time manufacturing sector is climbing toward the top of hackers' hit lists for ransomware attacks. Hackers know these manufacturers have a set schedule and know hours are meaningful to what they do, which creates pressure on manufacturers to make the criminals go away by paying the sums demanded. Last August, malware entered AW North Carolina's computer network via email, spreading like a virus and threatening to lock up its transmission plant's production line until the company paid a ransom. The company stood to lose $270,000 in revenue, plus wages for idled employees, for every hour the factory wasn't shipping its crucial auto parts to nine Toyota car and truck plants across North America. Attackers also are increasingly injecting ways to remotely control the robots and other automated systems that control production inside targeted factories. Cyberattacks that reach into industrial control systems have doubled in the past two years in the U.S. to nearly four dozen so far in the federal fiscal year that ends in September, outstripping last year's total, according to data from the Department of Homeland Security (DHS). "I think the emerging threat you're going to see in the future now is really custom ransomware that's going to be targeted more toward individual companies," says Neil Hershfield, the acting director of the DHS team that handles emergency response to cyberattacks on industrial control systems.
New York Times (08/09/17)
Today's just-in-time manufacturing sector is climbing toward the top of hackers' hit lists for ransomware attacks. Hackers know these manufacturers have a set schedule and know hours are meaningful to what they do, which creates pressure on manufacturers to make the criminals go away by paying the sums demanded. Last August, malware entered AW North Carolina's computer network via email, spreading like a virus and threatening to lock up its transmission plant's production line until the company paid a ransom. The company stood to lose $270,000 in revenue, plus wages for idled employees, for every hour the factory wasn't shipping its crucial auto parts to nine Toyota car and truck plants across North America. Attackers also are increasingly injecting ways to remotely control the robots and other automated systems that control production inside targeted factories. Cyberattacks that reach into industrial control systems have doubled in the past two years in the U.S. to nearly four dozen so far in the federal fiscal year that ends in September, outstripping last year's total, according to data from the Department of Homeland Security (DHS). "I think the emerging threat you're going to see in the future now is really custom ransomware that's going to be targeted more toward individual companies," says Neil Hershfield, the acting director of the DHS team that handles emergency response to cyberattacks on industrial control systems.