The National Electronics and Computer Technology Center (Nectec) is developing an open source Security Operation Centre (SOC)-as-a-service for potential partners to use, offering cybersecurity to small businesses in the manufacturing sector.
Nectec seeks system integrators and cybersecurity service providers to deploy the service for small and medium-sized enterprises (SMEs) using a subscription-based model.
Partners need to invest in cloud computing and threat intelligence data to provide the service, which aims to be a low-cost alternative for SMEs.
Three factories are piloting the SOC service.
Nectec sees increasing risk in the manufacturing industry, where the convergence of operational technology and information technology brings more connected machines, which widen surface targets, Panita Pongpaibool, deputy executive director at the centre, said at a cybersecurity seminar.
Operational technology (OT) refers to a computing and communication system that manages, monitors and controls industrial operations.
According to cybersecurity firm SOCradar, Thailand ranked ninth among the most targeted countries for manufacturing industries. The US, India, Russia, Italy and Germany were the top five.
Ransomware continues to pose a significant risk worldwide, with 28% of all ransomware attacks in 2023 targeting the manufacturing sector.
In addition, global supply chain attacks accounted for 40% of all cyber-incidents involving manufacturing in the first half of 2023.
LockBit 3.0 and 2.0 were the top ransomware groups in this sector. Last November, LockBit ransomware leaked gigabytes of Boeing data after the firm refused to pay a ransom.
There are 70,000 factories in Thailand, of which 90% are SMEs.
Nectec sees SOC-as-a-service as suitable for mid-sized organisations, in particular electronics and automotive firms that have a lot of suppliers in their supply chain, said Ms Panita.
She cited data from Fortinet and Frost & Sullivan in 2022 that found 88% of Thai manufacturers suffered at least one attack in the past year and 53% of these attacks resulted in disruption, while 89% of Thai manufacturers took a few hours or more to recover.
Some 82% of these attacks affected their OT systems.
"We received a grant of US$30,000 from Information Society Innovation Fund Asia to develop the service by using open source tools," said Ms Panita.
Nectec wants SOC-as-a-service to be low cost, she said.
The average price for such service is 3-10 million baht, which is costly for many SMEs, said Ms Panita.
Chalee Vorakulpipat, head of information security research at Nectec, said distributed denial of service and ransomware are the top two threats for manufacturers to monitor.
He said the best way to deal with cyber-attacks is by developing cyberliteracy.
OT is a challenging area as most of the systems are unique legacy systems that cannot be easily adjusted or updated to cope with the dynamic threat landscape, said Mr Chalee.