Industry 4.0 has changed the manufacturing landscape. Driven by always connected devices and the increasing use of artificial intelligence (AI) and automation, companies are finding new ways to improve productivity, reduce waste and streamline manufacturing processes.
The challenge? Increasing cybersecurity risk. It makes sense: As companies transition away from on-premises legacy systems and servers to a mixture of cloud, mobile and hybrid solutions, attackers are seizing the opportunity to find and exploit emerging issues. Data tells the tale: In 2021, manufacturing surpassed financial services as the most attacked industry worldwide, accounting for 23% of all threats.
But even rising risks have prompted mixed responses from companies. According to recent survey data, while 51% of manufacturers believe that the volume of cyberattacks across the industry will increase over the next 12 month, less than half say that cybersecurity is a C-suite priority.
In this piece, we’ll explore the history of manufacturing cyber attacks, highlight some of the biggest threats facing organizations and the steps companies can take to better defend industrial operations.
Cybersecurity in manufacturing
Historically, cybersecurity for manufacturing was a relatively isolated concern — unless employees accidentally shared or maliciously stole data, cyberattacks were few and far between.
In 2013, however, things began to change. The SCADA system of the Bowman Avenue Dam in Rye Brook, New York, was compromised by Iranian attackers who leveraged a susceptible modem connection. In 2015, hackers infiltrated a Ukrainian power grid by spear-phishing an executive account, and by 2020, attackers were leveraging advanced ransomware techniques to compromise utility providers such as CPC Corp. in Taiwan and the Colonial Pipeline closer to home.
So why the rapid uptick in manufacturing attacks? It comes down to the combination of existing legacy technologies and rapid industry change. For many organizations, tools such as SCADA and ICS systems were never designed to interact with the Internet at large, and often lack the capability to interface with new solutions.
Bolstered by the pandemic, meanwhile, manufacturing firms have undertaken rapid IIoT integration efforts to help streamline processes. The problem? Many of these devices come with little (or no) security out-of-the-box, and in some cases updating faulty firmware simply isn’t possible. Put systems never designed for broad network connections together with devices capable of anytime, anywhere connection and companies have handed hackers a golden opportunity.
The numbers make it clear: Cyber attacks against manufacturers are up 300% year over year, and approximately 39% of manufacturers experienced some type of attack in the last year, with damages ranging from $1 million to $10 million.
The top 5 cyber threats facing manufacturing companies
With so many potential points of compromise, it can be challenging for companies to know where security investment makes the most sense.
Right now, five threats represent the most risk for organizations. They include:
- Phishing attacks: Phishing attacks occur when malicious actors attempt to “bait” employees with legitimate-seeming emails that ask for an action or a response. If staff grab this hook, attackers may be able to obtain staff login details or download malware onto key systems. For example, an attacker might create an email that fraudulently claims a user’s password has been compromised and must be reset. The origin email address often looks legitimate, and links are provided for users to click through and enter their details. Once they do, attackers use this information to lock users out of their accounts and access network operations.
- Ransomware: Ransomware involves the encryption of critical data by hackers, followed by the demand for a ransom payment. One recent example is the Colonial Pipeline attack: In this case, the company paid the ransom for access to their data. The problem? Once hackers know they can infiltrate a system and have demands for payment met, they’ll be back.
- Intellectual property (IP) theft: If hackers can move laterally through networks, from user accounts up to more secure databases, they may be able to copy and exfiltrate IP data such as product blueprints or patent information.
- Supply chain attacks: Manufacturing companies don’t operate in isolation. To deliver high-quality products on time, every time, they use a vast and interconnected network of suppliers. If one of these suppliers is compromised, it’s possible for hackers to both disrupt the flow of materials and use insecure connections to move up the network into critical company systems.
- Equipment/technology infreastructure sabotage: In early 2021, attackers leveraged the username and password of a former employee to access a water treatment plant in California. The plan? Poison the local water supply. While the attack was stopped before any damage was done, the advent of connected technologies makes physical damage via digital means a very real possibility.
How manufacturers can protect against cyber attacks
While there’s no silver bullet to solve all manufacturing security issues, there are steps companies can take to significantly reduce their risk, such as:
- Pinpointing key vulnerabilities: First, it’s worth understanding current risk. This means pinpointing areas of network and device infrastructure that may be subject to compromise, and effectively communicating this risk to both employees and C-suite executives.
- Educating employees: Employee education also plays a critical role in stopping cyberattacks. If employees know the telltale signs of phishing and are encouraged to report potential problems ASAP, companies can dampen attack efforts.
- Creating strong ID policies: Weak passwords remain a common problem for organizations. If attackers can easily guess passwords such as “123456” or “Password1,” companies are effectively leaving the doors unlocked. As a result, it’s worth creating policies that mandate strong password creation and require users to change their passwords every 3-6 months. In addition, companies should implement two-factor authentication in the form of a one-time SMS or app-generated code to ensure users are who they say they are.
- Keeping software up to date: Out-of-date software can create security holes, especially if it contains widely known vulnerabilities or has been the subject of a zero-day attack. Using automatic updates is a good way to ensure that the latest software versions are always installed.
- Leveraging cybersecurity expertise: Finally, it’s critical to leverage cybersecurity expertise to build out a robust and reliable security posture. Depending on the size of your organization, this might take the form of an internal team, the use of a consultant group or a partnership with a third-party provider to help identify issues and implement advanced security controls.
Bottom line? Industry 4.0 has fundamentally altered manufacturing cybersecurity. Gone are the days when companies could rely on isolated network operations to protect them from potential threats. Instead, the advent of smart devices and automated tools has brought both increased productivity and rapidly growing risks.
With recognition of key threats and the right approach to industrial cybersecurity, however, companies can better defend what they have and get prepared for a future built on proactive protection.
