When cyber criminals can close both a luxury car manufacturer and a major beer manufacturer in the same month, it is clear that no area is protected from operating disruption.
Jaguar Land Rover (JLR), which is now supported by emergency government funding, is preparing Start production again Which is called one of Britain’s worst cyber incidents. Meanwhile, Japanese Brever Asahi is struggling with production stops due to a malicious cyber attack.
Experts say the goal of the attackers is no longer about stealing sensitive data; The actor of danger is aiming for the all-out paralysis of a business, resulting in tangible, real-world consequences.
“These recent events give examples of how the supply chain agreement is now being targeted in the important manufacturing sector, until the target afflictions are paid or with a clear goal of discontinuing production, sales or logistics to the folds,” Eric AwakianA technical consultant on Information-technical research group,
Protecting JLR’s “very affected” supply chain
Attack on JLR began on 31 August, indicating the company Stop production The next day (1 September). Thousands of workers have been temporarily closed due to the attack, and the company is expected to lose. ₤ 50 million ($ 67.3 million) one week,
The scattered lapsus $ Hunters Group claimed responsibility and is believed to have been employed to trick employees to hand over the system credentials.
JLR is one of the largest exporters in the UK and the UK operates the largest supply chain in the automotive sector, which employs about 120,000 workers.
The company’s supply chain has been “very impressed” by closing, which inspired the UK government to float JLR £ 1.5 billion ($ 2 billion) through loan guarantee. The money comes from a commercial bank, and JLR needs to pay back back in five years. JLR has confirmed that it will resume car production in “coming days” for financial boost.
The UK business and business secretary Peter Kyle said, “This cyberlack was not only an attack on a reputed British brand, but also on our world-agronic automotive sector and on men and women whose livelihood depends on it.”
JLR says it continues to “work” around the clock with cyber security experts, the Government of Cyber Security Center (NCSC), Government of UK, and to ensure that the restarts are “safe and safely completed.”
Taps no longer flow on Asahi
Meanwhile, the Asahi group Holdings announced this week “System failure“Due to a cyber attack. Beer Brever has suspended orders, shipments and call center operations including customer service desk in group companies in Japan.
Ashi said that, so far, personal information or customer data has “no confirmation”. The company is actively investigating the reason and is working to restore operations, but there is no estimated recovery timeline.
Attacker ‘feeding frenzy’
David Shipli Of Biocran security These phenomena are called “symptoms”, rather than the root causes, the trends of cyber risk in manufacturing; This is essentially “cost of global cyber crime tax” and this occurs when companies declare “cyber defense bankruptcy”, he said.
IT and security expenses are being cut, leading to the outfits of the organizations “fall from the danger of the danger and injury,” he said. Firms are investing capital in automation to make themselves more competitive, but also makes them even more unsafe for cyber disruption.
“The rescue of these organizations is being reduced at the worst time because they cannot afford to maintain them,” he said. “Danger actors see the opportunity to hit these outfits, and there is a bit of a feeding frenzy now because they realize that many firms are in the same position as JLR.”
Roger GrimsCISO Advisor on Human Risk Management Forum Knowbe4It was agreed that cyber security is related to lack of investment. He said, “After seeing malicious hacking for more than three decades, I also get worse, I cannot even think what the ‘Tipping Point event’ would have to wake up to the world and finally to apply a really better cyber security for the world.”
The attackers still succeed with methods of common attack
Although Asahi has not yet mentioned how the attackers entered their system, JLR was a victim of an attempt-and-child fishing attack.
Threatening actor use phishing and Spear Fishing, as they work, exploit human psychology and error, said Avakian of information-technology. When layered controls are not applied, “A click on a malicious attachment still actually takes all this for a successful agreement, without knowing what happened without the target user.”
“The ransomware can be quite disruptive,” NEB 4K Grims agreed. 70% and 90% successful hack includes social engineering, claiming, yet companies are not motivated to improve cyber security and human risk management.
The same goes for patching; Google Mandiant has stated that unpartned software and firmware are included 33% successful hack (Often mixed with social engineering), he said, yet companies still have thousands of unpublished elements in network and important infrastructure.
Hackers continue to focus on unpetitive VPN, network safety devices and middleware, and active directors make privileged growth through modifications, Avakian said. In addition, they are rapidly compromising third-party software supply chain.
Once they achieve unauthorized access, the attackers can hide their appearance and cover their tracks, and patiently “wait for the right time” to move forward. “Some groups sit for weeks to map the business, ensure maximum disruption,” he said.
Enterprises require a multi -level approach
Enterprises should adopt a strong, multi-level approach to safety control, reaction and cyber hygiene, and the zero trust should hug, where access is “isolated, monitored and reusable,” Avakian said. Map ERP, logistics, warehouse and other business-matured systems, they advised, and applied security measures such as micro-segmentation, privileged user management (PAM), and multi-factor authentication (MFA).
A “breech breech” mentality is important; This means regular tabletop exercises, continuous monitoring and danger hunting. Flexibility means reviewing the event response plans and playbooks, and employing air-gapped backup, said Avakian.
“At the end of the day, the attackers are still able to succeed as they can target chokpoints in business operations and take advantage of ransomware/forced recovery to force quick business decisions,” he said.
AI brings even more sophistication, said, the attackers allow the attackers to work on “tremendous speed and scale”, whether it is a faster generation of fish, scanning, or controlled weakness test.
In fact, Grims estimates that by 2026, almost all hacking will be AI-SAC. Organizations should meet hackers on this turf, with the use of agent AI-competent cyber defense tools. He said, “AI Bots, and the best algorithms will win against AI Bots of good actors.”
