Patrick Thielen, senior vice president of financial lines with Chubb, explains why malware attacks are on the rise, and what manufacturers must do to protect their people and systems from cyber criminals.

What’s happening with malware attacks today is the culmination of a 20-year trend, Thielen says. Back then, before cyber insurance became a need, cyber criminals were focused on acquiring consumers’ private data, targeting such sectors as financial services, healthcare and technology. As the value of that information decreased, the bad actors began focusing in strategies that they could directly monetize. And manufacturers became ripe targets for attack.

Modern-day examples of direct monetization include extorting victims for ransom payments, installing crypto-mining software on networks, and breaking into accounting systems. In that last instance, criminals can copy bills and invoices, insert their own bank credentials and issue fake statements. Such activity isn’t especially new, says Thielen, “but it’s been ramping up significantly in the last several years.”

Cyber criminals are gaining access to industrial control systems, many of which have been equipped with links to online with the rise of the internet of things, while having been created long before cyber security became a central focus. Making matters worse is the need for manufacturers to allow legitimate access to those control systems remotely.

Two of the most common methods for gaining access to systems are social attacks against employees and malware. The first often takes the form of links associated with e-mails, with criminals using user IDs and passwords harvested from the dark web. The second involves exploitation of technical vulnerabilities. Criminals can scan the internet for IP addresses running old or unpatched software, then send malware to those addresses in hopes of getting a few unsuspecting recipients to click on the messages.