Many people are getting more and more comfortable with customization with some of them unaware of the data they are unwittingly but willingly providing companies. The convenience of being served with products and services tailored to their needs actually comes with a price: consumers are being tracked.
Several start-ups across the world, aware of the demand, have since kicked off their mass customization practices. Consumers can now have their own names on the sole of their shoes, get a bespoke necklace, as well as better-fitting body implants, personalized doses of medicines, and more.
In technology, video and music streaming services track the users’ behavior and offer suggestions based on the content they picked or previewed.
While these are proofs of the power of technology when harnessed correctly, the flexible and highly connected manufacturing process also opens a wider attack surface for cybercriminals. The latest report from Kaspersky for industrial automation systems showed that Asia and Africa are the least secure globally during the first six months of 2020.
Asian regions occupy 4 out of the top 5 positions in the regional rankings based on the percentage of Industrial Control Systems (ICS) computers which were almost infected in the first half of the year. Southeast Asia recorded the highest percentages, leading in several ratings:
- percentage of ICS computers where malicious activity was blocked – 49.8%
- percentage of ICS computers where internet threats were blocked – 14.9%
- percentage of ICS computers where malicious email attachments were blocked – 5.8%
Africa comes second while Central, East, and South Asia follow closely at third, fourth, and fifth places respectively.
In terms of ransomware, regions in Asia still led with a noticeable margin in the regional rating. Over half of the countries in the top 15 rankings are from APAC.
“It is not surprising that ICS computers in the Asia Pacific were exposed to the highest number of cyber threats as the region is well on its way in building a customer-centric future,” said Stephan Neumeier, managing director for Asia Pacific at Kaspersky. “Smart systems and automated productions require in-depth, intelligent defenses to foil malicious disruptions, with possible aftermaths that can cross from the virtual to the physical realm. To avoid grave circumstances, a secure-by-design approach is necessary. Cyber immunity against attacks should be ingrained at the very fabric of the present and the future industrial systems.”
An example of a secure and beneficial application of Industry 4.0 was done by Kaspersky and Siemens for Singapore Aquaculture Technologies’ (SAT) first smart floating fish farm. A first in Singapore and is expected to produce 350 tonnes (350,000kg) of fish annually, the S$4 million aquaculture facility is set to cater to the needs of Singaporeans for quality fish while also addressing the challenges posed by climate change that has resulted in declining fish populations.
“Consumers now are concerned about the origin of their food, the type of environment it is from, and the harvesting processes done before it arrived at their dinner table. With climate change and environmental challenges, food production should now be both ethical and sustainable. This is possible when we use available technologies right,” said Raimund Klein, executive vice president for Southeast Asia at Siemens Digital Industries.
“By using innovative advanced predictive analytics such as machine learning and video analytics, we help the SAT to predict potential biomass growth and prevent the outbreak of diseases, hence reducing fish mortality. We are also paving the way for scalable, highly flexible and above all environmentally efficient aquaculture across the entire value chain,” he added.
To protect ICS environment from malicious attacks, Kaspersky recommends the following:
- Provide staff with basic cybersecurity hygiene training, as many targeted attacks start with phishing or other social engineering techniques. Conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails
- Provide SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for the company’s TI, providing cyberattack data and insights gathered by Kaspersky over more than 20 years
- For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions, such as Kaspersky Endpoint Detection and Response
- In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats at the network level at an early stage, such as Kaspersky Anti Targeted Attack Platform
- Make sure you protect industrial endpoints as well as corporate ones. The Kaspersky Industrial CyberSecurity solution includes dedicated protection for endpoints and network monitoring to reveal any suspicious and potentially malicious activity in the industrial network