Vulnerabilities related to working remotely and the potential for increased financial benefit are prompting cybercriminals to ramp up their activities to steal data and cause disruption during the COVID-19 pandemic.
The spike in cyber attacks affects the entire global automotive industry, including Magna’s suppliers and customers.
“Awareness of cyber attacks and how to prevent them is taking on greater urgency for Magna as we mark Cyber Security Awareness month in October,” said Paul Bellack, vice president of global IT and digital transformation. “Increased online dependency means everyone plays a role in ensuring our cyber defenses are up to date.”
Since the pandemic began in early 2020, Magna has detected a 20 percent increase in the volume of phishing attempts and other security incidents. Our “attack surface” has grown at the same time. In addition to 120,000 computers, Magna’s mobile devices, including phones and tablets, now number 30,000.
At least 12 Magna suppliers have been hacked this year with ransomware, a type of malicious software designed to block access to a computer system until a sum of money is paid.
New opportunities for criminal activities include malicious scams designed to trick victims into sharing credentials for collaborative tools such as Webex and Microsoft Teams. Stealing credentials can compromise our information systems, allow unwelcome guests to use Magna accounts without cost, record sensitive information or spy on us.
Peter Elliot, global information security officer
“Fortunately, we catch many of the scams before they even reach your inbox,” said Peter Elliot, global information security officer. “And there are new initiatives in the works to add the next level of protection.”
These include Identity and Access Management or IAM, new tools and processes that will provide extra protection in fighting identity or credential theft, next- generation logging solutions, and new testing of Magna cyber-security training programs.
Paul Bellack, vice president of global IT and digital transformation