Smart factories are on the rise but so are cyberattacks. As the manufacturing industry grapples with threats, here’s how to act.
By Isa Jones
The manufacturing industry is vastly important. The White House has, as recently as February, made it a priority to revitalize American manufacturing, which makes sense, as it generates billions. Across the globe, the industry is growing at a rate of 6% between 2020 and 2025.
The manufacturing industry is also vulnerable.
According to Identity Theft Center’s report on Q1 of 2022, manufacturing is a top three targeted industry when it comes to cyberattacks. In addition, manufacturing has the largest average ransomware payout, and 57% of those organizations have faced a third-party related breach in the past year. While alarming, these statistics are not surprising, as the industry is finding itself in a position where growth, innovation, and success are also creating new, complicated risks.
Why The Manufacturing Industry Is Vulnerable To Cyberattacks
There are a few reasons why the manufacturing industry is in the crosshairs of bad actors.
1. The fourth industrial revolution and the rise of smart factories
Manufacturing is quickly transforming from an analog, location-specific industry to one that employs modern technologies to create networks of global software, automated systems, OT, and the internet of all things to manufacture anything and everything in entirely new ways. This exciting innovation, however, means that these organizations are no longer isolated. Software is open for ransom, downtime could ripple out across the globe, and high-value assets and data could be exposed or stolen. Just look at the recent Toyota breach, where a Toyota plant had to pause operations and lost 13,000 cars worth of output due to an attack on a supplier. Interconnectivity breeds larger consequences. In addition, these innovations are often prioritizing just that —the innovation — not the cybersecurity needed to protect those new systems, access points, and assets.
2. The vast amount of third parties that work with a single organization
Relying more on software, IoT, and globalization also means relying on third parties. Just like the healthcare industry, the manufacturing industry is becoming more digitized and looking to third parties to offer more support (and consequently more access) within their operations. As stated above, 57% of manufacturing organizations have faced a third-party related data breach, and the third-party connection point continues to be high risk due to lack of visibility and controls. Many organizations do not employ proper cybersecurity for third-party access.
3. The nature of what manufacturing organizations provide makes them targets for ransomware
As mentioned above, the world doesn’t turn without manufacturing. Many organizations in manufacturing fall under the term “critical infrastructure,” and, unfortunately, that makes them giant targets for ransomware. Phishing attempts rose 200% in 2020, the amount held for ransom increased from $5,000 in 2018 to $200,000 in 2020, and experts estimated that every 11 seconds an attempted ransomware attack occurred in 2021, according to Cybersecurity Ventures. All that data points to more and more manufacturing organizations finding themselves breached and their systems held for ransom. The Colonial Pipeline hack is a perfect example of this kind of risk. The breach resulted in pipeline downtime, which created a gas shortage across the Southeast U.S., and the ransom itself cost millions of dollars and who knows how many hours of clean up. It’s also why the Department of Homeland Security has issued a warning for organizations to be on high alert for a possible cyberattack as the war in Ukraine escalates. Just last month, the Texas Tribune reported that Russian hackers had been probing Texas’ energy infrastructure.
How The Manufacturing Industry Can Thwart Cyber Threats
Where there are vulnerabilities, there are also solutions. While the manufacturing industry, like many industries, finds itself targeted by more sophisticated attacks and a changing security landscape, that doesn’t mean it’s doomed to be held ransom. There are multiple steps a single organization can take to better prepare themselves for what’s coming next.
- Invest in cybersecurity as much as you invest in innovation. Digitizing without protection is just opening access point after access point for cyberattackers. Organizations need to make sure that as they update software, systems, and methods, they are updating their cybersecurity strategies to fit their specific needs and vulnerabilities.
- Secure third-party access points. 32% of manufacturing organizations experienced a third-party data breach last year as a result of having too much privileged access. That’s a lot of breaches, and each manufacturing industry contains dozens or even hundreds of third-party connections. By examining each one, gaining visibility into what access third parties have, and implementing fine-grained access controls, an organization can limit the attack surface if a breach occurs and, hopefully, prevent one from even beginning.
- Develop a decentralized strategy that prioritizes critical access points. Relying on outdated castle-and-moat style cybersecurity architecture is the same as leaving your front door unlocked. If a bad actor is able to walk through that door, everything is for the taking. Instead, focus on securing access points to high-value assets, data, and systems, to make sure every interior door is properly secured. Modern cybersecurity (and in turn, hackers) are focused on access — what access points exist, who has access, and how well are those individual, decentralized points protected.
Isa Jones is the marketing content manager for SecureLink. Based in Austin, Jones has a decade of writing and content strategy experience, including a background in journalism.