Ukraine Supply Chain Issues

The Russian invasion of Ukraine has not escaped my attention. I took a couple of years away from technical education to study international relations under a professor with Army Intelligence and CIA background. He was a bit weird, but he also had a wealth of information and contacts. I often wondered if I should have taken him up on the offer to join the CIA. Well, no, I was better off the direction I went.

This story from Ukraine came my way. I am not a supply chain expert, but there are stories that fit the manufacturing connection story. This is one. Talk about important connections. These quotes come from Alexa Syniacheva, co-founder and CEO, Moeco.

“The war in Ukraine came as a shock to the world. On a personal level, I am the Ukrainian CEO of a Berlin-based startup, originally from the Ukrainian city of Odesa. My co-founder, Mit Gorilovskiy, and I and founded Moeco in 2018 and run our team across Europe and the US. I have already taken time out to ensure that my family has safely left the country, and am now doing all I can to help my fellow Ukrainians.

Moeco provides logistics visibility solutions based on disposable 4G/5G IoT sensors and a SaaS platform, which allow us and the recipient to track goods to their final destination. We are coordinating directly with Ukraine’s Ministry of Health and Ministry of Defence to organize the purchase and logistics of medical supplies and body armor, and then ensuring these critical items reach the areas where they are needed most.

So far, we have shipped almost $2.5 million worth of supplies, helped by private fundraising initiatives!

To expand our fundraising efforts, Moeco has also teamed up with www.kindrace.com. This is a charity initiative by friend of Moeco, Tatyana Grinuova, a Ukrainian philanthropist and marathon runner. Based in Berlin, Tatyana is currently running a half-marathon in the city center every day to raise funds — and has pledged to do so each day until the war ends. The funds will go to purchasing and supplying these essential items for Ukraine.”

Annual Threat Detection Report Reveals Top Threats and Techniques

Threats can come suddenly from anywhere. The day after Russia invaded Ukraine traffic from Russia to my website spiked. I have a rather steady, if low, number of page views regularly from that country. Not sure why the spike. But when I turned my site into part of my business rather than a hobby blog, I also signed up with a website defense company.

Cybersecurity news has become a mainstay thread for the past year. I don’t know if the cause is related to the pandemic or if venture money is flowing that direction. They all do studies and reports. This one comes from a company called Red Canary, a managed detection and response provider. It analyzed 30,000 threats in customer environments and uncovered a number of trends, threats, and techniques from the 2021 landscape.

Red Canary, the Managed Detection and Response (MDR) provider that detects threats no one else does, on March 22 launched its fourth annual Threat Detection Report, an extensive report that’s based on analysis of more than 30,000 confirmed threats detected across customers’ environments in the past year.

The findings reveal that ransomware dominated the threat landscape in 2021, with groups adopting new techniques such as double extortion and “as-a-service” models to evade detection and maximize their earnings. The report explores the top 10 threats impacting the majority of Red Canary customers – from adversary favorites like Cobalt Strike to new activity clusters like Rose Flamingo – and the most common techniques that adversaries use to carry out these attacks, including guidance for companies to strengthen their ability to detect these threats.

“These threats are less sensational than you might find elsewhere, but they’re the ones that will impact the majority of organizations,” said Keith McCammon at Red Canary. “This report addresses highly prevalent threats and the tried-and-true techniques that are wreaking havoc on organizations. We take it a step further to explore in depth the adversarial techniques that continue to evade preventative controls, and that can be challenging to detect. We hope that this report serves as a valuable tool for everyone from executives to practitioners, providing the information that’s needed to detect and respond to cybersecurity threats before they negatively impact organizations.”

Red Canary found that adversaries have continued to carry out attacks using legitimate tools. As security tools increase in sophistication, adversaries are finding it more difficult to develop and deploy their own malware that evades defenses. As a result, adversaries rely on administrative tools — like remote management software — and native operating system utilities out of necessity, co-opting tools that are guaranteed or likely to be installed on a device rather than introducing non-native software.

Several of the top 10 threats and techniques highlighted in the report are used by adversaries and administrators or security teams alike, including command and control (C2) tool Cobalt Strike, testing tool Impacket, and open source tool Bloodhound. Cobalt Strike, in particular, has never been more popular, impacting 8% of Red Canary’s customers in 2021. Some of the most notorious ransomware operators, including Conti, Ryuk and REvil, are known to rely heavily on Cobalt Strike. Coming in at the No. 5 ranking, Impacket is a collection of Python libraries that is used legitimately for testing but is abused by ransomware operators. This is another favorite among adversaries, as it’s known to evade detection due to its difficulty to be differentiated as malicious or benign.

Ransomware was top billing for some of last year’s most destructive cyberattacks. The report describes the new tactics that ransomware groups used in 2021, such as double extortion, which applies pressure to victims in more than one way to coerce them to pay a ransom. Last year also brought the rise of the affiliate model, which made tracking malicious activity more difficult because intrusions can often result from an array of different affiliates providing access to different ransomware groups. Examples of this include the Bazar and Qbot trojans, used by adversaries to gain initial access into environments before passing off access to ransomware or other threat groups.

The report analyzes several new ransomware families that became more prevalent in 2021, including BlackByte, Grief, Hive, Yanluowang, Vice Society and CryptoLocker/Phoenix Locker, while also taking a look at the families that tapered off, like Egregor, REvil, BlackMatter and Doppelpaymer. Many of the emergent ransomware families were similar to those that became less or inactive, leading analysts to assess that known adversaries resurfaced using a new name.  

The threat landscape moved toward a Software-as-a-Service (SaaS) economy in 2021, muddying the already murky waters of attribution. While Ransomware-as-a-Service (RaaS) has been widely reported for years, this model has now become the norm for adversaries. While Red Canary has been tracking some “as-a-service” models like TA551 over the years, others are just now coming into focus. In particular, Red Canary tracks multiple phishing affiliates that dropped variants of the Bazar family of malware.

This economic model lowers the technical barrier to entry, allowing operators to purchase capabilities rather than develop them. Between Phishing-as-a-Service, Access-as-a-Service, and Crypters-as-a-Service, it has never been easier to find an adversary for hire.

Download Red Canary’s full Threat Detection Report here.

Hannover Messe Preview

Two years ago my last business trip was to Hannover, Germany, to attend the official press preview of the upcoming, but soon to be postponed, Hannover Messe. We knew things were happening in China that were bound to spill over to the rest of us. I don’t think anyone I talked with from any of several countries ever thought the situation would get as bad as happened.

Today I listened to that same preview from the relative comfort of my home office. 2020 experienced the Preview live and the Trade Fair virtual. 2022 will see the situation reversed. The Preview was virtual. The Trade Fair will be live, in-person beginning May 30.

Technology takes center stage at this event. There will be plenty of digital. Digitalization, digital twin, data, software. Many companies will be showing solutions for sustainability, decarbonization, climate change. I saw some new metal forming technologies. Connectivity and networking of many types will be featured.

I remember 10 years ago when the buzz was a new thing called cyberphysical systems. Much of that has been instantiated by now. But there is far to go.

Whether a trip to Germany is in the cards for me right now, I don’t know. It is an expensive trip. So far I have not been contacted directly by companies seeking audiences. I like Hannover, but it will take more than that to get me there. There are worse things than reporting from home.

Commercialization Accelerator Program

Several companies have internal incubators or other programs to foster innovation from outside the company. Hexagon has been pursuing one method of innovation—acquisitions. But it also has an “open innovation start-up platform” called Sixth Sense targeted to “accelerate technology commercialisation in global manufacturing industry.”

Hexagon’s Manufacturing Intelligence division launched Sixth Sense to bring together start-ups and industry-leading companies to create transformative solutions that benefit everyone. It promotes sharing resources, data and ideas to fast-track progress and solve real-world problems which address some of humanity’s greatest challenges, such as the journey to net zero. The challenge areas include Sustainability, Big Data, Machine Learning, Artificial Intelligence, Sensors and Robotics.

Sixth Sense’s first themed challenge – Artificial Intelligence (AI) for sustainable Smart Manufacturing – encompasses all these areas and is also accepting dedicated applications, with start-ups encouraged to register their interest for future themed challenges and events.

Parth Joshi, Chief Product and Technology Officer of Hexagon’s Manufacturing Intelligence division, said: “We are searching for intelligent, efficient solutions that will not only enhance performance, but benefit people and the planet. Industry 4.0 is evolving and pushing to solve complex challenges, but the catch is that you cannot solve big problems without solving lots of little ones at each step with innovation.”

The 10 most innovative proposals will be chosen for an intensive innovate-on-the-job scaling programme, supported by Hexagon, key clients and world-leading mentors. Three final concepts will be offered opportunities to globalise and scale their business as commercial joint ventures.

Milan Kocić, Head of Sixth Sense for Hexagon’s Manufacturing Intelligence division, said: “Sixth Sense will build a bridge between small businesses and larger manufacturers; helping overcome start-ups’ challenges with scaling, while simultaneously meeting the industry’s need for new ideas.”

The platform has already partnered with a number of promising young companies, and is founded on the principle that diversity is fundamental to innovation and establishing such a thriving open ecosystem.

The selection criteria for Sixth Sense include:

• $1m or less in revenue

• 1-5 years in existence

• Post seed, Series A, Series A+

• Proven traction and product-market fit

• Propensity to scale

Preferred qualities:

• Validation of investment from third party

• IP & licenses

Market Analysis, Lithium-Ion Batteries and Low Voltage Motors

I like the market research by Interact Analysis. Its analysts search out data and don’t seem to use the famous sliding scale for prognostication. Although, as always take trend analysis with a grain of salt. Here are two news items from their research.

Lithium-Ion Battery Production Goes Global

Thoughts from Maya Xiao, Senior Analyst.

Why are you doing this research now, Maya? For two reasons. The first of these is that lithium-ion battery manufacturing has gone global in recent years. Previously, production was concentrated in APAC, where the main market also was. But in the past couple of years, electric vehicle manufacturing has taken off in the EU and in America, and as a result we are seeing battery manufacturers springing up across these regions. It’s a global boom time for the lithium-ion battery industry, and we need to assess the state of this burgeoning market.

But the second reason is that research is also needed into the battery manufacturing machinery segment. That’s because every battery manufacturer needs dedicated machinery, which is now a blossoming high-tech sector in its own right. Our aim is to give battery makers and component suppliers a clear view of the machinery landscape.

Can you give me one stand-out fact that you have learned during your research? There’s a lot of optimism about market growth from battery manufacturers and capital markets, and this may be leading them to make overestimates regarding the expected production capacity of planned installations. The average utilization rate of global battery capacity is under 70% currently.

How was 2021 for battery manufacturing? It was a good year. We saw the battery market double in size, and even triple in some regions. And the machinery market was even stronger, being bolstered by the presence of some very innovative high-tech start-ups. Where end-user markets are concerned, EV production saw fast growth, especially driven by the Chinese market, and some big OEMs in Europe.

What about 2022? We anticipate some major financial activity in the markets, with battery manufacturers such as LG Energy Solution, SVOLT and CALB engaging in IPOs which will enable them to invest in significant expansion. As a result, we expect to see tougher competition in the market as the existing big players such as CATL and BYD are challenged by smaller companies which, through going public, generate more funding for R&D and manufacturing expansion.

Low voltage AC motors market grew 21.5% by revenue in 2021

New research from Interact Analysis shows that the low voltage motors market saw the highest revenue growth in living memory during 2021, driven by historic price increases as a result of supply chain disruptions. Growth in unit terms of 6.6% was much more in line with the broader rate of recovery seen in the manufacturing sector globally. Supply chain disruptions have included shortages of key components and raw materials – with steel, copper, and aluminum in particular reaching record highs in 2021 – as well as major increases to shipping prices.

China continues to be the world’s largest motor market and, although ABB and Siemens continue to be global market leaders, domestic Chinese companies, including Wolong Electric and Wanan Motors are now entering the top ten global suppliers. During 2022 we expect to see Wolong hit the top spot in APAC, which will be a first for a Chinese supplier.

Blake Griffin, Senior Analyst at Interact Analysis comments, “For me, one of the most interesting findings of this research is related to new high efficiency IE4 and IE5 motors. There is a lot of hype surrounding them, but the market has shown that it will generally not adopt them unless forced to by legislation. Currently, the IE4 & IE5 motor market is in its infancy with a market size of $134 m in 2020. But major growth is predicted in the European Union which is putting IE4 minimum efficiency performance standards in place.”

Hype in the Press

I have a love/hate relationship to journalism. A free press that reports on what’s happening in government and the world is essential to democracy. The business of journalism combined with the journalist’s zeal for uncovering a “big” story lead to things like click bait and use of emotion-laden words in stories and headlines.

A reporter once put a private conversation we had about local schools politics on the front page of the local paper. That one experience shaded my relationships with reporters when I was later involved in the politics. It also has influenced my reporting during 20 years of interviewing people for magazines and this blog. In that time, I have had to retract only one interview. I’ve changed a couple of things when people didn’t realize this is a personal blog where I add opinions to the press releases. A couple of PR people thought I should just reprint their releases verbatim without comment. Well, sorry about that.

I recently had an email conversation with the founder/CEO of a Web-based news site promoted as a to-the-point news source. It was. Then I noticed post-acquisition emotional adjectives and heads. I was disappointed. He was surprised they did such a thing.

So, I wasn’t surprised when I opened Facebook and saw a post by long-time colleague Dan Hebert dissing the LA Times for a story about 2.5-foot waves “slamming” the California coast stemming from the Tonga volcano eruption and ensuing “tsunami”. I am an inland boy, but I don’t think 2.5-foot waves in the Pacific Ocean “slam” into much of anything.

At about the same time, my copy of the RAM Review newsletter arrived with a lead article from Bob Williamson dissing on another news source taking unresearched statistics (see my article on The Data Detective) about manufacturing.

I grimace when major-newspaper editorialists beat up on manufacturing because of workers leaving, excessive job openings, and an overall decline in jobs. They are looking at data. What do they know about how manufacturing works? And what do they really know about this major economic machine that produces 10.9% of the gross domestic product (GDP) here in the U.S.? Let’s go beyond those numbers and look at manufacturing pre- and post-COVID-19.

“The manufacturing workforce is shrinking,” a recent headline screamed. When we look at the peak of manufacturing (July 1979), there were 19,531,000 employed. As of Dec. 2021, there were 12,580,000 employed in manufacturing. That is clearly a HUGE decline (by the numbers). But what really happened? This is what happened: a total of five, yes five, economic recessions since 1979, according to the Bureau of Labor Statistics. Manufacturing employment declined in each of them.

After those economic recessions, manufacturing kicked into high gear (again) at some of the highest rates in recent history. A 2014 Federal Reserve Economic Data (FRED) report update said it best: “Manufacturing is growing, even when manufacturing jobs are not. What is the explanation? A prime candidate is productivity growth.” And this continues to be true today.

This statement in the newspaper article also got my attention: “Manufacturing has weathered the biggest surge in workers quitting, a nearly 60% jump compared with pre-pandemic.” Employees who “quit” their manufacturing jobs in Nov. 2021 (the latest figures available at this time) was 2.3%. Let’s compare. In the same period (Nov. 2021) when manufacturing quits were 2.3% of the employed workforce, (retail) Trade, Transportation, and Utilities reached 3.6%, Professional and business services reached 3.7%, while Accommodation and Food Services sector reported the highest number of quits at 6.9% of their workforces.

I’ve just taken a few snips from the article. Check out the entire thing. I’ll just add an appropriate conclusion from Williamson for this segment:

The good news: Manufacturing jobs are still rewarding, and there are plenty of openings to be filled by talented people willing to learn.

We have to take in news, but we also need to check our prejudices and filter out the BS.