Security Breach

When discussing the industrial sector’s threat landscape, we often detail events that result from vulnerabilities discovered by hackers probing for soft spots within an organization’s networks, connected infrastructure or data storage centers.

However, taking a look at Nuspire’s latest Threat Landscape Report reiterates the need for manufacturers to keep their defenses up even when working with documents, files or websites that would appear to have limited interest from hackers and no connection points to outside parties.
Nuspire reported a 28 percent increase in malware attacks – or about 52,000 detections a day during the second quarter of 2022. While many are being detected and blocked before being seen by the user, some are getting through by disguising themselves as add-ons or support tools for Microsoft Office documents.

Once the user clicks for additional information within these software programs, which contain embedded on-line connections in providing legitimate support and downloadable tools, the malware is downloaded, providing a gateway to any and all of that user’s network, cloud, system and software connections.

During this same period, the company reported a 100 percent increase in botnet activity – reaching a rate of nearly 20,000 attacks per day. This form of malware attaches itself to web pages and emails. Once it is unintentionally downloaded via the targeted user clicking on a link or agreeing to download a false asset, the bug can log keystrokes in stealing login and other personal information that often feeds into ransomware attacks.

Joining us to discuss these ongoing threats is Mike Pedrick, VP of Cybersecurity Consulting for Nuspire – a leading managed security services provider.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

There’s a reason the term industrial-grade is used to express the highest levels of reliability and durability for products. After all, if a material, technology or tool can handle the rigors and demands of manufacturing, chances are it can meet the needs of any other application.
We’ve been through these facts before, but they’re worth repeating. IBM has cited manufacturing as the number one target for cyberattacks. The FBI is expecting a 400 percent increase in phishing attacks. The average ransomware attack demand has nearly tripled in the last two years. It’s fair to say that these attacks will continue to get more complex and occur even more frequently.
So, the strategies and software successfully implemented by manufacturing could serve as a model for countless other industries, institutions and individuals to emulate.
One of the companies looking to enhance all these vitally essential cybersecurity protocols for the most important sector of our global economy is Rockwell Automation. And joining us today from Rockwell is Quade Nettles, Cybersecurity Product Manager at Rockwell Automation.
For more information on the work Rockwell does, you can go to rockwellautomation.com.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected]

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The latest high-profile hack of Dole Foods reinforces the need to upgrade operational technology security, and not just for the manufacturer. The distributors, logistics providers, retailers and end-users that rely so heavily on the role manufacturing plays are beginning to understand how critical and far-reaching the effects of a production-ceasing hack can be.
And so do the bad guys.
According to a survey from Nozomi Networks, 63 percent of respondents classify current cybersecurity threats targeting industrial control systems as high, severe or critical. This would support findings from Fortinet that 93 percent of manufacturers responded to at least one OT intrusion between 2021-2022, and 78 percent dealt with more than three such incidents. Additionally, the firm found that 61 percent of intrusions targeted OT assets.
On this episode we're joined by Carlos-Raul Sanchez, Director of Operational Technology at Fortinet, a leading provider of OT Cybersecurity solutions to discuss these challenges.
We’re excited to announce that Security Breach is being sponsored by Rockwell Automation. For more information on their cybersecurity solutions, you can go to rockwellautomation.com.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Inside the resurgence of ransomware attacks and the rise of billion-dollar "unicorn" hacker gangs.
Believe it or not, there was a time in recent history when we actually experienced a reprieve in ransomware attacks. According to a report from Black Kite, a leading provider of third-party risk management and cyber intelligence, a number of factors contributed to a flattening of ransomware attack frequency in late 2021 and into 2022.
Unfortunately, the bad guys evolved and ransomware attacks have surged in early 2023, with the number of ransomware victims in March of this year coming in at nearly twice that of April 2022, and 1.6 times higher than last year’s highest monthly total.
New players like Black Basta, as well as new strategies from well-known adversaries like LockBit once again brought manufacturing to the top of the list of favorite targets. According to the report, manufacturing represented nearly one out of every five attacks.
Our guest for today’s episode is Jeffrey Wheatman, a Cyber Risk Evangelist at Black Kite.
We’re also excited to announce that Security Breach is being sponsored by Pentera. For more information on their cybersecurity solutions, you can go to Pentara.io.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

So, my daughters like to give me a hard time about growing old.

Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the production process has remained constant.

But as sensors, network connections and access parameters have been upgraded to improve output, these highly prized pieces of equipment are showing their age from a cybersecurity perspective. The challenges they present are reinforced with findings from Fortinet’s 2024 State of Operational Technology and Cybersecurity Report.

A couple of key takeaways include findings that show nearly one-third of respondents experiencing six or more intrusions in the last year. Additionally, fewer respondents claimed 100 percent OT system visibility – with that number decreasing from 10 to five percent. On the bright side, we’re getting better in some areas, with 20 percent of organizations establishing visibility and implementing segmentation, up from only 13 percent the previous year.

Joining us to discuss these and other trends is Jon Taylor, Director and Principal of Security with Versa Networks, a leading provider of digital transformation and edge security solutions. Watch/listen as he discusses:

• Why the Purdue model might re outdated and preventing many from using new strategies like SASE.
• Why he believes visibility is security - "you have to see it do defend it," and how AI could be the solution.
• The need for OT to look at vulnerabilities from a network or architecture perspective, not by device or conn

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.