Cybersecurity is still far from receiving the attention it deserves, even though the risk of a cyber attack, at 1 in 5, is many times higher than the risk of fire (1 in 8,000) or a burglary (1 in 250). In the coming years, the industry will be investing heavily in digitization. This investment is necessary to remain competitive, but it also increases cyber risks. In short: industry is becoming increasingly dependent on its digital infrastructure, and alongside many advantages this brings risks. In this article, we look at those risks and give advice on what you can do to prevent them.
Manufacturing companies are increasingly sought-after prey for cybercriminals
Cyber risks pose a major risk to businesses. For example, the damage caused by ransomware is estimated at 20 billion euros in 2021. About two-thirds of all companies were affected by ransomware in 2021, according to research by security firm Sophos. Furthermore, an average of 30,000 websites are hacked every day and the likelihood of a cyber hack is 8 times greater than the likelihood of fire.
The industry has a relatively high number of reported external attacks. According to CBS, 9% of companies in manufacturing reported an outside attack in 2019. In about half of the cases, this was accompanied by costs. Cybercriminals strike through phishing, ransomware and DDoS attacks, among other things, and make a lot of money this way.
Industry is certainly not leading the way in cyber defence. The CBS indicates that, compared to other sectors, industry scores low in terms of:
- Encryption of data
- Performing risk assessments
- Policy for strong passwords
- Updating software and operating systems
As in other sectors, larger companies take more measures than smaller companies, although almost every company in the Netherlands is a potential target for cybercriminals. However, there is one factor that makes industry extra vulnerable. In the office environment, people often work with standard systems that are continuously updated, the well-known IT systems.
In operational environments one uses so-called OT systems, which stands for Operational Technology. These control machines and involve customization. With the development of IoT (Internet of Things) and other 'smart industry' applications, OT systems are becoming even more dependent on IT. All this increases the likelihood of cyber incidents. OT systems are regularly 10, sometimes even 15 years old. It is known that these systems are much more vulnerable, especially if updates are not available or not implemented. These vulnerabilities are known to cybercriminals. They capitalize on this by targeting attacks on these OT systems.
Behavior and culture are just as important as technology
In addressing cyber risks, both technology and organization play an important role.
Technology
Many customers do not know that the technology they use is not always safe. We often hear customers say, "Our data is in the cloud so that's okay." That is a misconception. The cloud is well secured, but it is insufficient to lean solely on your IoT vendor. We see that cybercriminals are increasingly targeting cloud providers. On the dark web, cybercriminals can buy software. This software is called Cybercrime-as-a-Service. With this they digitally break into the environment of a cloud provider.
As already mentioned, in the manufacturing industry the Technical Services often work with their own systems. These systems are often separate from the rest of the ICT infrastructure and are updated or monitored less intensively, which makes them more vulnerable. Make sure that these systems also come under one umbrella so that you can guarantee security.
Organization
To prevent cyber risks, it is also important that the organization around cybersecurity is in order. Within your company, examine where data is collected and exchanged. In industry, data is often exchanged with suppliers and customers. Therefore, make good agreements on data security. It is not only important to pay attention to the prevention of cyber risks. You also need to think about the measures you will take if you are hacked. Which experts should then be called in? What are the consequences if production has to be stopped? How do you communicate to employees and customers?
Tackling cybersecurity? Definitely do.
We've listed a few tips for you for each section. With these measures, you can better address cybersecurity.
Strategic:
- As a board, embrace the issue and propagate it within the organization.
- Make an employee responsible.
- Consider hiring an expert agency if you have insufficient knowledge within your organization.
- Put the topic on the agenda periodically, determining what insights you want to gain and with what frequency.
- Report on incidents. That way you can learn from them.
- Make explicit agreements with your suppliers and customers about cybersecurity.
Technical:
- Make backups on time.
- Use only secure internet hotspots.
- Make use of programs that can track suspicious emails.
- Remote access: via multifactor authentication.
Organizational:
- Install updates on time.
- Change passwords regularly.
- Make use of strong passwords.
- Make use of double encryption.
- Invest in training for staff.
- Insure against damage from cyber incidents.
Is cybersecurity insurance worth it?
To limit the damage of cybercrime, in addition to the above policy, technical and organizational measures, you can also insure yourself against cybercrime. This can be done with cyber insurance.
Klaas Rijpsma (Risk Specialist Insurance - Rabobank): "For most companies, data files are considered their crown jewels. If they are held hostage, cybercriminals can demand a considerable ransom for them. In addition, data fields can be corrupted. These are fields where you enter a name or address. These data fields must be repaired and the costs for this can run up to € 250,- per data field. There are also costs associated with the forensic investigation of the data breach and the adjustments required to prevent a recurrence. In addition, there is an Incident Response Team that is available 24/7. Cyber experts are there to advise and assist you immediately after the incident. Then there is the aftercare. There is a good chance that your company's turnover will be temporarily reduced or even non-existent. That risk is also covered in most cases with this insurance. You will also receive advice on what to do if you are hit by an attack, including keeping any reputational damage under control. After all, you are obliged to inform your clients about the cyber attack."
Source: Rabobank