Hack­ers look to hold pro­duc­tiv­ity for ran­som

Cy­ber­crim­i­nals keep­ing fac­to­ries’ tech in­fra­struc­ture hostage un­til paid

The Washington Times Daily - - NATION - BY EMERY P. DALESIO

DURHAM, N.C. | The mal­ware en­tered the North Carolina trans­mis­sion plant’s com­puter net­work via email last Au­gust, just as the crim­i­nals wanted, spread­ing like a virus and threat­en­ing to lock up the pro­duc­tion line un­til the com­pany paid a ran­som.

AW North Carolina stood to lose $270,000 in rev­enue, plus wages for idled em­ploy­ees, for ev­ery hour the fac­tory wasn’t ship­ping its cru­cial auto parts to nine Toy­ota car and truck plants across North Amer­ica, said John Peter­son, the plant’s in­for­ma­tion tech­nol­ogy man­ager.

The com­pany is just one of a grow­ing num­ber be­ing hit by cy­ber­crim­i­nals look­ing for a pay­day.

While on­line thieves have long tar­geted banks for dig­i­tal holdups, to­day’s just-in-time man­u­fac­tur­ing sec­tor is climb­ing to­ward the top of hack­ers’ hit lists.

Pro­duc­tion lines that in­te­grate com­puter-imag­ing, bar code scan­ners and mea­sur­ing tol­er­ances to a hair’s width at mul­ti­ple points are more vul­ner­a­ble to malev­o­lent out­siders.

“These peo­ple who try to hack into your net­work know you have a set sched­ule. And they know hours are mean­ing­ful to what you’re do­ing,” Mr. Peter­son said in an in­ter­view. “There’s only a day and a half of in­ven­tory in the en­tire sup­ply chain. And so if we don’t make our prod­uct in time, that means Toy­ota doesn’t make their prod­uct in time, which means they don’t have a car to sell on the lot that next day. It’s that tight.”

He said that cre­ates pres­sure on man­u­fac­tur­ers to make the crim­i­nals go away by pay­ing the sums de­manded. “They may not know what that num­ber is, but they know it’s not zero. So what is that num­ber? Where do you flinch?”

Last Au­gust at the 2,200-worker Durham trans­mis­sion fac­tory, the com­puter virus coursed through the plant’s net­work, flood­ing ma­chines with data and stop­ping pro­duc­tion for about four hours, he said.

Data on some lap­tops was lost, but the mal­ware was blocked by a fire­wall when it tried to exit the plant’s net­work and put the hack­ers’ lock on the plant’s com­puter net­work.

The plant was hit again in April, this time by dif­fer­ent crooks us­ing new mal­ware de­signed to hold data or de­vices hostage to force a ran­som pay­ment, Mr. Peter­son said. The virus was con­tained be­fore af­fect­ing pro­duc­tion, and no ran­som was paid to ei­ther group, he said.

Man­u­fac­tur­ers, gov­ern­ment and fi­nan­cial firms are now the top tar­gets glob­ally for il­licit in­tru­sions by crim­i­nals, for­eign es­pi­onage agen­cies and oth­ers up to no good, ac­cord­ing to a re­port this spring by NTT Se­cu­rity.

A sur­vey of nearly 3,000 cor­po­rate cy­ber­se­cu­rity ex­ec­u­tives in 13 coun­tries last year by Cisco Sys­tems Inc. found about one out of four man­u­fac­tur­ing or­ga­ni­za­tions re­ported cy­ber­at­tacks that cost them money in the pre­vi­ous 12 months.

Since 2015, U.S. man­u­fac­tur­ers con­sid­ered “crit­i­cal” to the econ­omy and to normal mod­ern life, like mak­ers of au­tos and avi­a­tion parts, have been the main tar­gets of cy­ber­at­tacks — out­strip­ping en­ergy, com­mu­ni­ca­tions and other crit­i­cal in­fra­struc­ture, ac­cord­ing to De­part­ment of Home­land Se­cu­rity in­ci­dent re­sponse data. The num­bers may be im­pre­cise be­cause com­pa­nies in key in­dus­tries of­ten don’t re­port at­tacks for fear of di­min­ished pub­lic per­cep­tion.

Cy­ber­at­tacks that reach into in­dus­trial con­trol sys­tems have dou­bled in the past two years in the U.S. to nearly four dozen so far in the fed­eral fis­cal year that ends in Septem­ber, out­strip­ping last year’s to­tal, ac­cord­ing to DHS data.

“These peo­ple who try to hack into your net­work know you have a set sched­ule . ... if we don’t make our prod­uct in time, that means Toy­ota doesn’t make their prod­uct in time, which means they don’t have a car to sell on the lot that next day.”

— John Peter­son, AW North Carolina

AS­SO­CI­ATED PRESS

Mal­ware en­tered the AW North Carolina trans­mis­sion plant’s com­puter net­work last Au­gust, threat­en­ing to lock up the pro­duc­tion line un­til the com­pany paid a ran­som. On­line thieves are in­creas­ingly hit­ting to­day’s just-in-time man­u­fac­tur­ing sec­tor with cy­ber­at­tacks that de­mand ran­som to re­tract the com­puter

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.