How to Secure the Automotive Aftermarket
To help develop awareness of cybersecurity needs in the manufacturing and distribution industries, EstesGroup conducted a joint education session with the Specialty Equipment Market Association (SEMA). SEMA is a trade association composed of manufacturers, distributors, retailers and specialists focused on automotive specialty parts and accessories.
The educational session, “Preventing Ransomware in the Automotive Aftermarket,” focused on the steps that SEMA members can take to mitigate cyber threats. These steps can help any business improve digital security, so I’d like to review some of the material covered concerning the landscape of cyber threats.
What is the Threat?
Threats to organizations are widespread and increasingly prolific. According to the 2021 Malware Report from Cybersecurity Insiders, 88% of 500,000 IT professionals surveyed and 76% of 30,000 small and medium-sized business owners say that cyberthreats are a significant and growing risk. The attack vectors are multifaceted, including spear phishing emails, domain spoofing, and man-in-the-middle attacks.
Cyberthreats are impacting organizations at all levels. On the business side, malware attacks caused both an increase in IT security-related spending and a decrease in productivity. At the IT operations level, ransomware is forcing cybersecurity professionals to update IT security strategies to focus on mitigation, as they struggle with data loss, downtime, and business continuity.
Watch the Specialty Equipment Market Association (SEMA) recording of “Preventing Ransomware in the Automotive Aftermarket”
Ransomware Questions, Security Answers
One might ask: Why is this happening? The reasons are surprisingly straightforward: the business of cyber warfare is a low-barrier, high-reward enterprise. The “startup costs” for a hacker who already has the necessary technical acumen are low compared to a traditional business environment.
The Reward is a Handsome Ransom
Cybersecurity is not merely an IT problem. It’s an enterprise-wide issue. As business owners, we do things to make our enterprises more integrated and efficient, and share information across the organization. But this creates new potential opportunities for exploitation. Moreover, since March of 2020, we and our fellow employees have been accessing our work environment from an increasingly remote context, further complicating company networks and creating new vulnerabilities.
Where are the Attacks Coming From?
The threats that proliferate across our contemporary cyber landscape can be described as “hidden in plain sight”: the threat is as broad as the number of connected users, connected devices, and connected programs. It is not an exaggeration to say that every touchpoint is a potential threat. Some of the most common infiltration paths include the following:
- Email: Email is a constant target of schemes and scams, and the attacks are getting more nuanced and personalized.
- The Internet: Online infiltration dressed as information continues to be a source of attacks, with increasing attempts from hackers to disguise malicious domains to appear like the familiar sites that you know and love.
- Programs & Applications: Within daily business operations, a company uses a surprising number of discrete applications. Whether online or installed on your devices, every program that we use for business purposes is a potential threat.
- Integrations: Integrating core systems with third-party applications increases risk. We want the benefits of interconnectivity; for instance, we want our e-commerce system to speak to our inventory system so we know what is available to sell and ship. But in the hands of a hacker, that is a dangerous amount of information to possess.
- Authentication: The credentials that users apply when accessing company resources can be a significant source of risk. Weak user credentials, simple passwords, and basic authentication policies can allow for significant system breaches.
- The IOT Movement: The “internet of things” or “IOT” movement increased points of connectivity, and the number of viable targets. Who would have ever thought that you could get hacked by your refrigerator!
- The BYOD Movement: The “bring your own device” or “BYOD” movement lowered the bar for device management. Increasingly, the same smartphones and other devices that access social media are being used to access system resources. The risk here should be self-evident.
- Remote Access: VPNs (or virtual private networks) provide extensive access to company networks. VPNs often provide more access than a user actually needs—it’s like providing access to the entire gymnasium just so you can reach the janitor’s closet.
- COVID: The pandemic expanded the threat landscape by increasing the number of remote users connected from a broader array of devices, many of them inadequately connected. On a broad scale, shared family devices were suddenly connecting to company headquarters.
The Future of Preventing Ransomware in the Automotive Aftermarket
As you can see, the threats are abundant, and the targets are many. The future of security in the automotive aftermarket depends on you and on your cybersecurity strategy. There are some simple steps that companies can take to mitigate the challenges of our current cyber landscape. To see what companies are doing to secure their organizations from threats, and what you can do to secure your future, please watch the recording of the SEMA educational session and come to our managed IT experts with any questions you have about current best practices for threat mitigation for businesses.