IR4.0: Manufacturing sector urged to step up cyber security

It is vital to have security as part of the design phase and the investment strategy

by S BIRRUNTHA/ pic by ARIF KARTONO

AS A forefront of the Industrial Revolution 4.0 (IR4.0), the manufacturing industry is urged to strengthen its security systems to facilitate smart Internet-connected manufacturing in the future.

Trend Micro Inc VP of security research Rik Ferguson (picture) said the manufacturing sector particularly is not used to being connected, as they are usually an isolated factory environment where its prime importance is safety.

“Safety is a very different concept than security, so we need to give security, particularly cyber security, the equal importance as it is a whole new challenge and paradigm. They might not be equipped with the necessary skills, so it’s about being able to pull in expertise from a traditional cyber security environment and bring that to the industrial space,” added Ferguson.

“It is vital to have security as part of the design phase and the investment strategy, and this is to make sure that their manufacturing capabilities do not fall as victims to ransomware,” he told reporters on the sidelines during Trend Micro’s Security Trends 2019 conference yesterday.

Ferguson added that being in the industry of connected devices, it will open up the possibilities of security threats such as industrial espionage and stealing of intellectual property from manufacturing.

“These are real possibilities and we know that these have been already happening. The more connected devices there are, the more targeted they get to be.

“So, it is a ground-up effort, because if you were to build security only after you have been attacked, it is going to be a lot harder than if you have already built it from the beginning.

“We have learnt some very important lessons throughout history, as the Internet itself was not designed with security and we saw successful threats all the way back during the 70s and 80s.

“When it comes to manufacturing industry, those lessons haven’t really been learnt, as we continue to see the development of threats like ransomware, cryptocurrency mining and exploit kits,” he said.

Ferguson also highlighted apart from the manufacturing sector, any sectors that are using artificial intelligence, machine learning and big data are easily vulnerable to security threats.

Trend Micro Malaysia Sdn Bhd MD Goh Chee Hoh said sophistication and stealth are the name of the cyber security game today, as corporate technology and criminal attacks have become more connected and smarter.

“From attackers, we saw intentional, targeted and crafty attacks that stealthily take advantage of people, processes and technology.

“However, on the business side, digital transformation and cloud migrations are expanding and evolving in the corporate attack surface,” he said in his speech at the conference yesterday.

He also added that in order to navigate this evolution, businesses need a technology partner that can combine human expertise with advanced security technologies to better detect, correlate, respond to and remediate threats.

According to Trend Micro’s roundup report for the first half of 2019 (1H19), close to 2.5 million malware threats were detected, reported and blocked in Malaysia, and the country came in second after Singapore in South-East Asia.

Malaysia was ranked third in the region for blocking 3,568 banking malware threats during the same period.

Trend Micro also detected a significant surge of 256% in fileless events (also known as a non-malware) compared to the 1H18.

Exploit kits remained a credible threat as it has made a comeback in the 1H19, with an increase of 136% compared to the same period last year.