Manufacturing recalls ideas of big tough machines doing big tough machine things. Smelters turning molten iron into mighty girders. Robotic arms assembling sedans and minivans in a matter of minutes. Plastic injectors churning out tacky pieces of garbage that you don’t need or even want but you lack the self-control to resist a 40% off sticker. Yet despite its image of power and unstoppable industry, manufacturing is afflicted by a lack of PAM security.
Manufacturing enterprises have suffered some of the worst cyberattacks in recent years. Ransomware struck 56% of manufacturing companies surveyed by Sophos between January and March 2023. In 2023 alone, more than a third of manufacturing ransomware victims paid ransom demands to get their data back.
Too much of cybersecurity strategy is hindsight-only, looking back on what could have happened instead of anticipating before it happened. Fortunately for you, you still have time to learn from their mistakes and make adjustments to your PAM security strategy. Read on and discover how PAM protects your digital identities…before it is too late.
PAM Security for Candy Manufacturing Digital Identities
In 2017, Mondelez, the multinational food and beverage company behind Cadbury and Nabisco, suffered a catastrophic NotPetya malware attack. The incident destroyed more than 25,000 machines. Additionally, the attack crippled facility operations and may have compromised thousands of user credentials. The incident even lead to a landmark cyber-insurance court case costing $100 MN. The breach of Mondelez’s cybersecurity perimeter would have been damaging enough to their reputation. However, the direct effects of the attack turned out to be far more dire.
Consisting of wiper malware likely concealed within Ukrainian tax software, the NotPetya attack concealed an insidious secret. Though initial investigators believed the attack to be a ransom attempt, it was later discovered that the attack was simply meant to permanently damage the company. This demonstrates that, even if the victim is willing to pay a ransom, that may not always be an option. Therefore, a PAM security solution is the much better option for preventing the attack from getting off the ground.
Human error obviously led to a gap in cybersecurity strategy. When an authorized user lets in a bad actor, a skilled hacker can quickly move laterally through an undefended system. However, even if an initial attack gets through, there are solutions that could have halted and isolated its progress. A properly equipped IGA and PAM system could have prevented the exploit from moving laterally, identifying suspicious behavior and combating it. A PAM security solution would have required third-party vendors to be under the same scrutiny as internal identities. By establishing norms the system can alert and lock down access even for machine identities, which could have stopped the user-agnostic malware.
Protecting Car Manufacturers’ Digital Identities Through PAM Security
Post-breach analysis is somewhat hampered by the lack of public information on the original attack vector. Yet the effects of the 2017 Renault-Nissan attack were evident. This WannaCry ransomware attack infected the machines at multiple places. Their solution was to disconnect the infected plants from its network for four days, halting operations at five production plants across three continents.
The protracted shutdown of Renault’s Douai plant, responsible for building some of Renault’s top-priced models, was particularly harsh. WannaCry also targeted Renault-Nissan’s fellow automotive manufacturer Honda. This attack forced Honda to halt operations at one of their plants. The nature of the attack lead some experts to theorize that the hackers used outdated Windows systems to access Renault’s systems. However, this remains speculative.
In this instance, PAM would have allowed for a much faster response to the attack. Centralized controls could have safely and remotely taken the devices offline, allowing for much faster isolation. An adaptive MFA system could have halted the intrusion mere moments after it started. In such cases, the adaptive MFA detects and automatically demands additional verification. If a qualified managed identity services provider had implemented the PAM platform, the presence of vulnerable hardware might have been noticed in the initial assessment. In such a case, the vector would never have been available to the hackers, thus preventing the shutdown and subsequent lost revenue.
Privileged Access Management Security for Starships
As humanity begins gearing up for a long-awaited return to the moon, issues earth-side threaten to delay the venture. In early 2019 a DoppelPaymer ransomware attack targeted precision machine manufacturer and SpaceX supplier Visser Precision. The attackers stole several confidential documents including non-disclosure agreements with Tesla, SpaceX, and General Dynamics. Additionally, and chillingly, they also stole and published a Lockheed Martin schematic for a missile antenna.
Similar cyber-attacks have struck even more audacious targets, such as the Maze attack against Pensacola, Florida. Such attacks rely upon circumventing account provisioning and gaining unauthorized access to sensitive data. However, the cyberattack against Visser Precision did not merely aim to lock users out of their systems. Unlike encrypted files, which can at least conceivably be decoded, this attack is considered a success as soon as the confidential information is in the hands of the bad actors. At that stage the enterprise loses either way.
The theft of such critical and even dangerous data needs to have a perimeter around each identity within an organization. Merely requesting a document under unusual circumstances should raise flags in automated and adaptive MFA. However, that only works if an enterprise has instituted PAM security with adaptive MFA as an accompanying feature. When remediation of compromised data is not a viable solution, then total prevention becomes the only possible remedy.
Contact a Simeio identity advisor now and learn what the ideal PAM security solution looks like for your enterprise.
