Award-winning insurance broker Ascend Broking, is warning manufacturing and engineering businesses of a rapidly growing threat against which they should quickly take action and support their operational futures, through the purchase of robust insurance.

A new report, produced by insurance-sector figurehead, Lloyds of London, for the use of its syndicates, warns of the risks to businesses from cyber attacks facilitated by the Internet of Things (IoT). This terminology represents a world of interconnectivity through a myriad of devices that can all sit on one Internet-enabled network.

Whilst in a home setting, these would be items such as thermostat-controlled heating devices, smart TVs and video doorbells, in an industrial or manufacturing setting, they are components of a production line or the machinery required for processing goods. Food sensors, machinery with remote diagnostics, sensors that regulate temperature, flow, pressure or light, are just some. Robotics, lasers and smart-controlled valves could be others. The possibilities are endless.

The Lloyds report was produced in conjunction with cyber analytics specialist, Cybercube, and it pulls no punches when stressing the need for its syndicates to take committed action to address the very real risks posed to industry, by cyber attacks.

Ascend Broking’s managing director, Matthew Collins, explains what underpins the concern.

“To date, we have largely seen relatively few physical impacts from cyber crime, in terms of harm to plant and machinery and disruption on the production line after a cyber criminal has seized control of aspects such as temperature regulation. This is changing and cyber crime is not now just about hacking into bank accounts and stealing money. There is a very real threat to industrial plant and physical assets, due to the interconnectivity of many devices and the impossibility of protecting these with antivirus systems.”

The key industrial sectors of concern are manufacturing, shipping, energy and transportation. The report also focuses on three potential strategies for causing physical damage. The first is where cybercriminals would breach the systems of a manufacturer of devices and infect and compromise them before they were ever installed.

The second is an attack brought about through exposing a weakness within a business’s Internet of Things network. The third concerns the infiltration of industrial IT networks, to cross what is known as the Operational Technology air-gap – the gap between information technology and operational technology.

“Cyber criminals are changing tack and attempting to take whole businesses down in a physical production sense, rather than just being content with attacking their computer systems,” says Matthew Collins. “This is frightening for the future and could even impact on lives but it is most definitely a form of business interruption that industrial and commercial customers are not really focused on right now.

“It is imperative that manufacturers and engineering companies, marine cargo operators, transport companies and energy companies take action to get the right cyber security in place and consider other protection around that. They also need to examine their internal systems, policies with regard to employees logging on to wifi hotspots or using untrusted USB sticks on work computers. All really need to nail down cyber security practice, making it every employee’s responsibility to exercise due diligence in the fight against cyber crime.”