Blog

Latest insurances policy and benefits discussion

CYBER ATTACK ON MANUFACTURING/PRODUCTION PLANT

29 Jun 2017
admin

Manufacturers are increasingly being targeted with cyber crimes, not just by traditional malicious actors like hackers and cyber-criminals, but by competing companies and nations engaged in corporate espionage as well. Motivations for cyber attack range from money and revenge to competitive advantage and strategic disruption.

What happens to a manufacturing business when its production operations suddenly grind to a halt? And what are the consequences of being unable to satisfy market demand? In today’s business environment of increased automation, connectivity and globalization, even the most powerful organizations in the world are vulnerable to debilitating cyber-threats increasing the need for cyber insurance. Also, as production spreads across the globe, regional and national politics are becoming an increasingly important factor in corporate and manufacturing policies.

Types of cyber-attack

Traditional attacks -Traditional cyber attacks involve hackers gaining unauthorized access to sensitive systems and data by tricking executives and their staffs into revealing login credentials and other private information, giving cyber attackers’ front-door access to the organization’s systems. For example hackers can infiltrate the manufacturer’s corporate network and install malicious software. This malware allows the attackers to obtain employee log-in credentials, which in turn could be used to target other key systems within the company that contains intellectual property. These cyber attacks target intellectual property related to automotive technology to blackmail the company, or to gain competitive advantage.

Advanced attack– Advanced malware is another type of cyber attack that is becoming increasingly common in manufacturing sector – and becoming increasingly disruptive. In an era of worldwide connectivity when more and more industrial systems are connected to the internet, this malicious software infiltrates weak systems and hardware and then spreads itself to other systems, leaving behind a trail of destruction and disruption.

For Example attackers use a variant of advanced malware to infect multiple industrial plants around the world. Once the infection spreads, the attackers could take control of systems used to monitor and control critical industrial systems such as power plants, and influence their inner workings.

CAAS and Ransomware– Cyber crime-as-a-service (CAAS) refers to organised crime rings offering services such as on-demand distributed denial of-service attacks and bulletproof hosting to support malware attacks, among other things. According to a report, there has been 33% spike in CAAS, and “exploit kits” globally.

Cybercriminals employing ransomware or crypto-ransomware — a sophisticated software that incorporates advanced encryption algorithms to block system files and then hackers ask for ransom money.

For instance a global cyber attack affected over 100 systems of Andhra Pradesh Police and several Indian firms across the country. Operations of two manufacturing firms in Delhi, two South India bank branches, an MNC’s manufacturing unit and a Mumbai-based FMCG company were also hit. There were also reports that the computer virus had brought production to a stop at a Nissan Renault Alliance plant on the outskirts of Chennai, Tamil Nadu. “About 100 systems were attacked.

Insurance Solution-Cyber Liability Insurance

Cyber Insurance covers losses arising from cyber attacks tend to fall into one of two categories-First party losses and Third party losses.

First party losses consist of costs directly incurred by Insured as a result of cyber attack such as costs incurred in connection with extortion money, business interruption, privacy notifications, Public relations efforts, and forensic investigations, restoration of data and ransom/extortions payments.

Third-party losses are liability losses, and include defence costs and indemnity payments in connection with customers’ claims for damages including defence cost and regulatory investigations covered under cyber insurance.

Cyber insurance typically covers expenses related to first parties as well as claims by third parties.

Few Instances of Cyber attack on Manufacturing /Production Plant

In May 2015, two Indian conglomerates were victims of cyber attack and were forced to pay $5 million each in order to prevent hackers from disclosing information that could have implicated them in a wrongdoing. Investigations revealed that the hackers had gotten into the companies’ IT systems two years before but waited for right opportunity. The hackers threatened that both the companies pay the money or the documents and email trail would be leaked to the public. Eventually, both companies paid the ransom to the hackers.

Damage caused to a blast furnace in a German steel mill

German authorities revealed at the end of 2014 that one of their blast furnaces had been the victim of a cyber-attack. The attackers succeeded in infiltrating into the corporate company network using malware. Then, once inside, they continued to navigate through the network to access the production management system. From there, they were able to destroy several control systems resulting in directly stopping one of the blast furnaces from closing correctly and causing substantial damage to their manufacturing facility.

Armaco

In August 2012, a coordinated “spear-phishing” attack targeted the computer network of Saudi Arabia’s state-owned oil firm, Aramco. This cyber attack infected as many as 30,000 computers and took two full weeks to beat, but it failed to completely shut down the flow of oil, which appeared to have been its goal.

Flame

In May 2012, Russia’s Kaspersky Lab – one of the world’s biggest producers of anti-virus software discovered –a highly sophisticated virus directed at Iran. This virus, Flame – which ran undetected for years – was designed to steal PDF files and AutoCAD drawings. It means, the originator of this cyber attack was after designs, plans and preciously guarded IP data locked inside some of the country’s biggest industrial facilities.

(Disclaimer- Above mentioned report was prepared on the basis of information available in the public domain.)

[sharethis]Share it
29 Jun 2017
admin

According to a new World Energy Council report, keeping the lights on is becoming an increasingly difficult task nowadays. It warned of a “massive increase” in the number of successful cyber attacks in the past year against energy firms.

Following the trends, India is set to see a countrywide cyber security audit of its power distribution and generation system to prevent hacking as state grids and plants which increasingly became smarter with large-scale deployment of digital technology.

Indian power equipment manufacturers have repeatedly been raising alarm over the issue as city grids are being smartened up with SCADA (supervisory control and data acquisition) systems.

SCADA is a computer based industrial automation control system that practically makes factories and utilities run on their own. In an electrical system, SCADA maintains balance between demand and supply in the grid.

Chinese firms have bagged SCADA contracts for more than 18 cities. More such contracts are on the anvil. Besides, they have also qualified to bid for three transmission links being laid by the Centre to strengthen the national grid.

SCADA contracts have long tenures and include maintenance of equipment. Transmission lines are given on build, own, operate, and transfer basis spanning up to 35 years. This allows contractors to place their personnel on site in case of SCADA projects and control operations

in transmission lines, allowing ample scope for planting of bugs at a later stage.

The states also agreed to conduct mock drills simulating disasters and hackings to test preparedness for reviving downed systems. Government sources said they also agreed to nominate a chief information security officer, an acknowledgement of cyber threats and the need to take them seriously.

Potential Risk in the event of cyber attack on Power Grid

• Physical damage to electric system
The possibility of a cyber-attack causing physical damage to electric system equipment is very high. Attacker can cause huge amount of destruction through cyber attack on power distribution system. An attack was performed by researcher of National laboratory in which a diesel generator was destroyed by a simulated cyber attack; attacker can use same method to destroy the powergrid.

• Denial of service Claims-A cyber attack on phone systems, possibly a Denial of Service (DoS) attack, can prevent the utilities from receiving calls from customers reporting outages.

• Power Service Disruption (Business Interruption) – The Cyber attack on Power Grid can result in disruption of power supply and cause huge amount of restoration cost and loss of revenue. The attacker can employ a variety of techniques to delay the utilities’ recovery efforts, including disabling control centre battery backup power, preventing grid operators from sending remote commands to re-close the circuit breakers and restore power, erasing and corrupting various systems at the utilities using cyber attack.

• Third Party legal liability- If customer’s personal data are compromised during cyber attack on Power Grid, they can sue Power Grid Company and may ask for compensation.

• Cyber Extortion- Once malware infects power grid’s system, it either encrypts critical files or locks a user out of their computer. It will prevent the Power grid company to restore the electricity supply to its normal stage. It then displays a ransom message that usually demands virtual currency payment in exchange for a cryptographic key to decrypt or unlock those resources. The message may also threaten to publicly release compromised data if the payment demand is notmet.

• Regulatory Responses Cost, Civil fines and Penalty

• Crises Management Expenses, Response costs, Forensic Investigations Cost.

Insurance Solution

Cyber Liability Insurance

Cyber Insurance covers losses arising from cyber attacks tend to fall into one of two categories – “first-party” losses (the Power Grid’s direct costs/loss) and “third-party” losses (liability losses).

First-party losses consist of costs directly incurred by the Power Grid as a result of the cyber attack, such as costs incurred in connection with business interruption, privacy notifications, public relations efforts, forensic investigations, restoration of data, and, ransom/extortion payments.

Third-party losses are liability losses, and include defense costs and indemnity payments in connection with customers’ claims for damages including defense cost and regulatory investigations.
Cyber insurance typically covers expenses related to first parties as well as claims by third parties.

(Disclaimer- Above mentioned report was prepared on the basis of information available in the public domain.)

[sharethis]Share it