As manufacturing facilities embrace digital technology to make processes more efficient and minimize downtime, they expose themselves to increasing cybersecurity risks. According to IBM’s 2020 “X-Force Threat Intelligence Index,” manufacturing jumped from the eighth most- targeted industry in 2019 to the second. It also experienced the most data theft attacks of any industry in 2020, with 33% of reported incidents. Professional service firm Sikich’s 2020 “M&D Report” notes 45% of surveyed executives report their manufacturing or distribution company experienced a data breach in the last 12 months.
Addressing cybersecurity concerns is paramount to keeping production lines running and private information safe, so industry professionals need to be aware of key issues, including motives, weaknesses, and common techniques.
Motives for Cyberattacks in Manufacturing
Financially motivated attacks are common across sectors, and the same holds true within manufacturing. Cybercriminals may aim to make a quick buck by ransoming data, selling secrets, or tricking the business into thinking they’re a vendor.
However, financial gain is not the only reason for hackers to target manufacturers. Competitors and nation-states may wish to access a facility’s systems to learn trade secrets and/or subvert production.
Cybersecurity Weaknesses in Manufacturing Systems
The unique attributes of factory systems make manufacturing facilities especially susceptible to attacks.
Focus on Safety Rather Than Security
The wellbeing of the workers should always come first, but this focus on safety can divert attention from security. While these priorities may seem to be competing, they’re actually interconnected. Without proper security measures, hackers could gain access to control systems, thereby limiting in-house staff’s ability to adjust settings and/or turn them off if an accident occurs.
Complex Systems & Elaborate Network Infrastructures
Many systems were developed before cybersecurity concerns were as prevalent as they are today. The manufacturing sector was slower to embrace the internet than many industries because there was no real need. Over time, the increasing necessity of real-time data pushed manufacturers to embrace the industrial internet of things (IIoT) to monitor equipment and reduce downtime.
However, operational technology (OT) assets are often legacy systems that must be taken offline to update, due to proprietary protocols. Since they can’t effectively be updated without halting production, many systems have gaping security holes.
Disconnected IT & OT
Factory systems are often operated by manufacturing specialists rather than IT or cybersecurity teams. At the same time, the emergence of IIoT has led to increasing interconnectivity of machinery on the factory floor. While this may greatly improve efficiency, it can also make it difficult to integrate IT and OT systems, and divvy up responsibilities between employees. For the best results, IT and OT staff should work together closely. Unfortunately, this is usually easier said than done.
Perceived Lack of Risk
Larger facilities are often aware of cybersecurity threats, but many smaller manufacturers fail to take necessary precautions because they believe their businesses are at less risk. In reality, hackers may purposely select smaller targets as an easier way to gain entry into larger systems.
Common Techniques Used Against Manufacturers
Phishing
In 2020, manufacturing had four times as many business email compromise (BEC) attacks as other sectors. This may be due in part to the need to communicate with multiple suppliers to acquire parts, which creates more potential opportunities for cybercriminals to make inroads and commandeer funds for supplies by sending fraudulent invoices.
Ransomware
In 2020, 21% of attacks in the manufacturing sector used ransomware. This approach is a win-win for hackers. The facility may be eager enough to resume normal operations to pay the demands, but threat actors can also leak data for additional leverage or sell information about the supply chain, pricing, vendors, and/or trade secrets.
Attacks Against Manufacturers
JBS
In May 2021, JBS, the largest meat processor in the world, experienced a ransomware attack believed to be orchestrated by a Russian hacking group. The attack shut down nine beef plants.
Renault & Nissan
In 2017, automakers Renault and Nissan were affected by the WannaCry ransomware that also hit countless other organizations around the world. This cryptoworm encrypted files and documents, ultimately affecting production.
Norsk Hydro
Norsk Hydro, a major aluminum manufacturer, experienced a ransomware attack in 2019 that locked files, affected 35,000 employees, and cost nearly $71 million.
Trust Cybersafe To Keep Production on Track
Complex systems require state-of-the-art protection. Cybersafe Solutions provides a powerful set of services to protect your systems, detect threats, and respond to incidents.
One of the most critical tools within any industry is continuous security monitoring. Even the most robust systems can succumb to new and innovative cyberattack techniques, so businesses must carefully monitor to spot intruders before they have the opportunity to do serious damage. Halting attackers in their steps can help keep your production running and protect your bottom line. Contact us today to learn more about how Cybersafe can protect your manufacturing facility.
