Planes, ships and automobiles under attack from “spoofers”

The growing number of cyberattacks against cars is fueling fears that vehicles and industrial operational technology (OT) are being targeted and must be defended against criminal attempts to seize control of enterprise equipment, including cars, ships and even aircraft.

The findings emerged in a new research report published by global technology research and advisory firm Information Services Group. The 2022 ISG Provider Lens global Manufacturing Security Solutions report finds that cybersecurity has become a high priority for companies in manufacturing, automotive, life sciences and other industries amid recent cyberattacks against manufacturing facilities and connected vehicles. The urgent need to modernise or replace legacy systems, along with a shortage of skilled cybersecurity engineers, is fueling the growth of solution and outsourcing providers.

“Connected systems are vulnerable to a new universe of threats that keeps expanding,” says ISG Partner Bob Krohn. “Companies are quickly building capabilities to secure both operational technology and mobility.”

While machine-to-machine (M2M) communication and machine learning have helped industrial firms improve quality, maintenance and machine life, many are now using a complicated mix of legacy OT and connected technologies that are rife with security gaps, says ISG. Often, their current OT security solutions lack visibility into IoT, mobile and wireless assets. Enterprises are looking for easy-to-deploy solutions that can display all assets.

New solutions will focus on big data

Most companies with OT security challenges are implementing systems for detecting and proactively derailing threats, while some are also deploying tools that use decoys and deception to throw off attackers, the report says. ISG predicts the next wave of OT security solutions will focus on big data. These will collect similar kinds of information from multiple customers, especially manufacturing firms, and create a data lake where machine learning algorithms generate security insights and recommendations.

Worries about mobility security are especially intense in the automotive industry, intensified by the growing number of cyberattacks against cars and the introduction of new regulations that impose requirements for protecting vehicles, says ISG. Major automotive dangers include global navigation satellite system (GNSS) spoofing, which can allow attackers to take control of a vehicle, ship or aircraft, and threats that take advantage of the growing number of sensors around modern vehicles.

To counter these threats, automotive OEMs and suppliers are taking advantage of emerging tools from mobility security providers, including firewalls, intrusion detection and prevention systems (IDS/IPS) and software running on microcontrollers and CPUs, the report says.

“Mobility security is top of mind for the auto industry, given the rise in attacks against connected cars,” says Jan Erik Aase, Partner and Global Leader, ISG Provider Lens Research. “The new smart vehicle platforms require smart security, and providers are stepping up with new solutions.”