Cybersecurity: An Opportunity for Industrial Development

World trade has undergone several changes in recent years. The pandemic highlighted the need to optimize global production and supply chains to keep industries running, especially essential sectors, bringing visibility to key strategies, such as nearshoring. For Mexico, the implementation of this practice would mean the opportunity to consolidate itself ahead of other markets, such as China, as well as the ideal partner for industrial production.

To achieve this, the country already possesses several competitive advantages: its geographical location, skilled labor force, modernization of its infrastructure, and commitment to move hand-in-hand with Industry 4.0. However, just as these strengths open the door to new possibilities for industrial development, they also give way to new cybersecurity risks and challenges.

Currently, the number of security incidents faced by organizations with production and critical infrastructure operations is increasing considerably as the highly sensitive information they possess tends to be an attractive target for attackers. Kaspersky figures reveal that between January and February 2022, 50% of organizations experienced an increase in this type of incident compared to 2019, prior to the pandemic.

This is especially concerning considering that attacks on this sector have the potential to be particularly devastating, both in terms of production disruption and financial losses. At Kaspersky, we have identified that the total financial cost of cybersecurity attacks on industrial infrastructure is 59% higher than the average for other large companies.

After analyzing last year's incidents, we can conclude that the most significant changes in threats to Industrial Control Systems (ICS) are mainly marked by geopolitics and its macroeconomic factors, such as the possibility of Mexico to attract new production chains in the face of the global situation — factors that, according to our experts' forecasts, will continue to be exploited by cybercriminals in the coming years.

In the first half of 2022 alone, our solutions blocked malware attacks on 32.4% of ICS computers in Latin America. In Mexico, this percentage was also more than 30%. During this period, the oil and gas, manufacturing, and energy industries were the main targets. For this year, it is expected that sectors like agriculture, logistics and transportation, high technology, pharmaceuticals, and medical equipment manufacturers will suffer more attacks, although traditional targets, such as the military and government, will also be in the crosshairs.

In general, among the risks, we anticipate a shift in Advanced Persistent Threats (APTs) against organizations and smart devices (OT), in addition to expanding attack vectors due to increasing digitization as well as rising energy and hardware prices and criminal activity to collect user credentials.

An important element to consider is the level of threat that some employees within a company will pose. Whether it be associates in production plants, technological developments, product manufacturers, or service providers, who in turn work with criminal groups specialized in extortion, or a miscommunication between security employees and analysts in this sector who work in countries currently in conflict, these scenarios will negatively impact threat detection.

As I mentioned earlier, geopolitical fluctuations will have a global effect on industrial cybersecurity throughout this and the next few years. The decrease in the quality of threat intelligence will lead governments to try to control information about incidents, risks, and vulnerabilities. Additionally, along with the increasing activity of hacktivist groups, who work for local and international political interests, we will see more ransomware attacks on critical infrastructure as they are difficult to detect.

The increasing involvement of governments in the operational processes of the industrial sector, including connections to the cloud and state services — often less protected than those of private companies — will generate additional risks for information systems. Due to the significant number of unskilled employees in public institutions as well as the lack of a cybersecurity culture and internal security practices, there is greater danger for confidential data leakage.

To ensure that these risks do not affect critical industrial processes, it is essential that organizations work with the right security provider, one that is capable of offering solutions that reliably monitor the network and that help detect and block threats in a timely manner.

Likewise, they must ensure the protection of their entire Operational Technologies environment; that is, the use of hardware and software to monitor and control physical processes, devices, and infrastructure, with various customized equipment and systems. It is also important that they are aware of vulnerabilities in industrial system software to prevent them from being exploited by advanced threats and to minimize the possible consequences of a cybersecurity breach.

A crucial element for industries in Mexico is to consider cybersecurity as a business enabler that will allow them to generate wealth, maximize resources, partner with other sectors, and accelerate production so that the inherent risks to technology advancement do not become growth obstacles. Beyond the risks, the digital industrial revolution must be seen as an opportunity, especially if cybersecurity is guaranteed.