The leading crane and lifting manufacturer Palfinger has been targeted in an ongoing cyberattack that disrupted IT systems and business operations. Palfinger is a leading maker of crane and lifting solutions with headoffice in Austria with over employees in over 35 locations generating €1.75 billion in revenue for 2019. At this time, the extent and consequence of the cyberattack are not known.
<p>Manufacturing industries tend to have machinery that need to interact with hardware, firmware and software applications. The main form of this interaction is via non-interactive generic accounts and service type accounts that have high level of privileges associated with them. Due to the nature of the business, these accounts tend not to undergo access control best practices including changing passwords when operations staff/employees leave. I would recommend that a detailed risk assessment be completed, taking into consideration access control, as part of the transformation program and moving to the cloud. This will support in identifying any risks and putting compensating controls in place to reduce risks to a level that the manufacturing business is willing to accept. An example of this could be making high privilege accounts and their execution subject to two-factor authentication or restricting high privilege execution to on-premise locations only (i.e in the factory/operation plant.)</p>
<p>In the manufacturing business, time is money, so the disruption of Palfinger’s IT services as well as order processing and shipment delays, translates to lost revenue. The single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of a company’s cyber and physical systems. Attackers are going after higher value targets and that includes operational networks. The remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.</p> <p><br />IT and OT systems are converging and security teams need to take a new, holistic approach to cybersecurity. Businesses should deploy artificial intelligence and machine learning tools across their IT/OT networks to gain real-time visibility and identify cyber threats and resolve issues before harm is done. We know from working with thousands of industrial installations, that with the right technology and a focus on best practices, it’s possible to monitor and mitigate these risks and achieve operational resiliency. A robust cyber defense strategy is the best line of defense against sophisticated attacks</p>