Cybersecurity Companies today face the issues of Digital Transformation, Manufacturing 4.0 (or Industry 4.0), IoT ( Internet of Things ) now evolved into IoE (Internet of Everythings), connecting not only their information systems but also their own products and the same production lines with “intelligent components,” actually hybrids of Hardware and Software, in web application ecosystems exposed to the world. Finally, even the topic that for a long time remained on the Board’s table and relegated to the desk of the IT manager (strictly off the Board in most Italian companies) has come to the attention of Top Management: Cyber security.
Cybersecurity (as we called it before it was trendy to call it Cybersecurity) is not yet a “Must Have.” In business logic, it is not yet integrated with product R&D: first, it must be brought to the market with the greatest amount of innovation possible, and then, when it reaches success, you also start thinking about aspects relating to security … indeed, to be honest, with very few exceptions, the issue becomes really relevant at the first “security breach, “when the first tile rains. Why does this happen?
The (false) beliefs strongly rooted in most can be summarized in these three answers – real – of many entrepreneurs (but also managers) on the subject:
- never had any problems;
- we are not an interesting target;
- We have nothing of value in our information.
“Never had problems.”
In recent months, the first response, which was the most common alibi for many years, has begun to waver visibly because, even among SMEs, unfortunately, few have not yet burned themselves. In fact, one in 4 companies reported having suffered a cyber incident in the last 12 months (Clusit 2021 report).
“I have nothing of value.”
For those who recognize themselves in the third answer, I agree that it makes no sense to talk about Cybersecurity; rather, they should understand how to remain on the market without value in their know-how.
The rest of the world
For all the others, I describe below the two main cyber threats for companies today to be aware of the risk deliberately left behind by those who have made a business of several billion to make their decisions confidently. Just to give a number: according to a statement by the MISE, the “estimated damage” from Cybercrime for Italian companies in 2020 is 7 billion euros.
Man in the Middle (MITM)
A Man-in-the-Middle attack(MITM) is simple and not limited to the online world or home computers. Through these attacks, the criminal inserts himself between two entities that are trying to communicate with each other, poisoning the communication and intercepting the messages sent.
The criminal usually exploits weaknesses that allow him to control the email and alternately pretends to be one of the parties to poison the messages: he inserts himself between the target (the victim) and the source (the server or the router) that the former is looking for to contact. If the criminal manages, for example, to breach the mail system, then neither the victim nor the source that the criminal is impersonating will be able to realize this.
Examples of different companies seen in the main newspapers can be summarized as follows: the chief financial officer of BigCorp receives a message from the new CEO, who has risen to the top of the company for just under a month but has already been on the board for some time.
The subject of the email is an, after all, routine order within a reality with cash flows in the hundreds of millions of dollars: the CEO asks to make a payment of 3 million dollars for a new Chinese supplier…. of course, the CEO never made the request, and $ 3 million was stolen!
Of course, malware can spread throughout the corporate network by encrypting the content of shared folders to which the infected user has access. All this can lead to total company paralysis. 30% of cyber incidents are attributable to malware extortion.
In manufacturing 4.0
Suppose those who have a normal backup process can get away with a simple organizational recovery effort in the event of ransomware. In that case, the exit strategy in the event of ransomware attacks on the production line is more complicated, which sees the same extortion logic applied to blocking machinery/products.
Scenario 1: The production line is blocked with a ransom note
Scenario 2 (much worse): The machines/products installed at the customers are blocked upon request for a ransom
Digitization is a great opportunity, and it is inevitable to remain on the market, but it must be tackled at 360 ° also considering the threats because behind Cybercrime there are not only “hackers” and “kids” but also large international criminal organizations. The question is no longer whether we will be attacked or not, but when. Moral: entrepreneur friends, come prepared!