Dragos is pleased to announce the release of the Manufacturing Sector Cyber Threat Perspective, a comprehensive analysis of recent observations of ICS-targeting threats to manufacturing organizations along with practical defensive recommendations. This article touches on highlights from the November 2020 report, which is available for download in its entirety here.
Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations.
Dragos has not observed ICS-specific malware targeting manufacturing operations on the same scale or sophistication as that used in the disruptive TRISIS and CRASHOVERRIDE malware attacks that targeted energy operations in Saudi Arabia and Ukraine, respectively. However, known and ongoing threats to manufacturing can have both direct and indirect impacts to operations.