It is understood that the chemical manufacturing industry is an essential sector to the world’s economy. A multi-billion industry, chemical manufacturing covers a wide spectrum of processes and procedures and, in the UK alone, the chemical and pharmaceutical industry adds an estimated $5.7 trillion contribution to world Gross Domestic Product (GDP) through direct, indirect and induced impacts, equivalent to seven percent of the world’s GDP, and supporting 120 million jobs worldwide.Â
Moreover, some of the world’s largest chemical producers are global companies with international operations and plants in numerous countries which provide essential services, products and commodities that facilitate our way of life.
This includes our basic need for food, clothing, shelter, health, energy, and clean air, water, and soil, among other things. Then you have the last two years where the pandemic brought the world to a standstill yet there was a heavy reliance on chemical manufacturers to provide a constant supply of vaccines and medicines.
Now, imagine a day without any one of these. Being an inconvenience would be an understatement. The reality is cybercriminals have the capabilities to severely disrupt the services and production of chemical manufacturers, particularly as these plants have adopted and integrated technology and software within the physical operations to help aid production and efficiency.
Unfortunately, the risk of suffering a cyberattack is now a matter of when, not if, and we have witnessed in recent years how cybercriminals have been targeting critical industries. High-profile examples involved leading chemical distribution company, Brenntag, which was forced to pay over $4 million after being hit by a ransomware attack.
This is just the tip of the iceberg for chemical manufacturers which are coming under increasing pressure from a variety of threat actors, nation states and competitors. As an industry that has strong ties to critical national infrastructure (CNI), understand that a cyberattack will have real world consequences and, in extreme cases, could even lead to human fatalities.
Because of the concern around the growing threat and the demand for better cybersecurity processes within this industry, members of the US government are currently lobbying for the ‘Strengthening American Cybersecurity Act of 2022’. This is a cross-party act which would require chemical manufacturers, distributers and other businesses that are linked to CNI, to report a cyberattack within 72 hours to the relevant authorities.
Should such an act pass, it would certainly be a step in the right direction as it would prevent organisations vital to our society from hiding such attacks, putting their employees and customers at risk. Nevertheless, chemical manufacturers should not rest on their laurels and wait for such a law to be passed to take security seriously.
Remember, hackers are continually scanning the digital posture of an organisation seeking any weaknesses in the ecosystem. One area that is often overlooked by organisations is the security surrounding their web applications which is a concerning trend because exploiting outdated or unpatched web applications is a common entry point for hackers that then lead to data breaches.
Knowing your external attack surface
Chemical manufacturers consist of many moving components and the same can be said of the security in place. A recent study looking into the state of application security within EU Chemical Manufacturers uncovered concerning levels of vulnerabilities and weak spots in their digital architecture.
In fact, it was found these enterprises had a large external attack surface with 22,507 internet exposed web applications over 6,175 domains. Further analysis revealed 16% of applications were leveraging outdated components while others contained vulnerabilities and 60% considered as ‘critically exposed’ with high susceptibility for exploitation by threat actors.
These are glaring issues that need to be remediated before malicious actors discover them. In addition, the research also disclosed evidence of compromised web applications whereby 211 have compromised credentials where user login and passwords have been extracted and placed on the dark web.
Main attack vectors impacting application
Further insight was provided on the most common attack vectors in web applications used by Chemical Manufacturers and found the following were the biggest risks:
Security mechanisms (SM): There is a lack of security in place regarding how the traffic between the user and the application is protected. If the information is not encrypted this could allow for threat actors to intercept critical information such as payment information or log in details.
Degree of distribution (DOD): This is related to the number of pages and subdomains created. The more pages, the more risks there are. Furthermore, all pages must be identified, and vulnerabilities uncovered at all levels. If not, this presents serious risks.
Active contents (ACT): When an application runs scripts the content becomes active and depending on the way those scripts have been implemented, the attack surface could increase if a website has been developed using several active content technologies. This increases the risk of there being cross-site scripting and outdated components which can allow for attacks through web browsers.
To address these security concerns requires a change in culture and mindset throughout the enterprise. Leaders of chemical manufacturers must understand the full scope of what a successful cyberattack against their infrastructure can have. If they fail to address these issues, they must then deal with the consequences and be held accountable should an incident occur.
Avoiding such a situation should be a top priority and requires chemical manufacturers to gain visibility into their attack surface to understand where the critical assets are located. By conducting real-time scans continuously, detection and remediation of critical security flaws can be fixed within seconds.
With more applications becoming integrated and interconnected within the systems currently used – largely because of digital transformation strategies adopted by chemical manufacturers – continued discovery, assessment and visibility is essential to counter the efforts of modern hackers.
The attack landscape is continually growing so decision-makers within manufacturing enterprises must acknowledge that security cannot be overlooked or swept under the carpet. Allocate the necessary resources to address these issues and your overall risk is significantly reduced.
