Read on to learn why the manufacturing industry is particularly vulnerable to cyber security issues.
In the past few years since the onset of the COVID-19 pandemic, we’ve seen cyberattacks grow more sophisticated than ever. Despite a drop in ransomware attacks by volume, the overall incidence of cyberattacks swelled in 2020, and continued to rise in 2021. The manufacturing industry fell victim to a large number of these attacks, with 22% of all cyberattacks targeting manufacturing companies.
Unfortunately, the manufacturing industry is uniquely underprepared for these attacks, with only 19% of manufacturers saying they’re “very ready” for a cyberattack. Coming up, we’ll look at the most common cyberattack vectors and vulnerabilities in the manufacturing industry to better understand the exposure risks a manufacturing company could face.
Cyberattacks on Manufacturing Industry Becoming More Refined
Human error remains a large point of failure in the manufacturing industry, as in any other. However, targeted attacks toward employees have decreased in number, with more advanced methods of personalized targeting emerging. According to Kaspersky, an entire 20% of industrial computer systems have been attacked in the past year using these advanced targeting attacks.
The manufacturing industry is uniquely vulnerable to cyberattacks due to multiple factors. These factors include the interconnected supply chain that makes it easy to falsify an email from one of the companies along that chain, as well as the difficulty of implementing a single security solution across the vastly different computer systems between different departments.
Here are some of the most prevalent cyber threats the manufacturing industry faces.
- Phishing
Manufacturers running interconnected systems that are difficult to secure are easy prey for social engineering attacks. Phishing emails from a hacker masquerading as a trusted person or organization are among the most prevalent vectors for malware infections in the industry.
- IP Theft
Around a third of malware infections in the manufacturing industry came from a specific type of worm virus that is used for corporate espionage (more on this in a bit). Intellectual property is valuable to manufacturers as it gives them a competitive edge but is particularly difficult to protect. Sophisticated malware can sit and gestate undetected in a company’s system, quietly collecting data about how the manufacturer operates and feeding it to a competitor.
- Operational Technology Sabotage
Ransomware is a type of malware that can lock up and encrypt the data on a device or an entire system. The cybercriminal behind the malware attack usually demands that a ransom be paid in order to restore the data. However, this type of malware can also be used to temporarily incapacitate operational technology (OT) and create a financial opportunity for a competitor.
There is also specialized malware intended to destroy equipment, like the Triton malware that disables security fail-safes with potentially catastrophic results.
The Malware Risks of Remote Work for Manufacturers
In most other industries, direct remote access to internal company systems is not essential, as work can be done on personal computers and then simply transferred to a company server via cloud software. The manufacturing industry, however, is unique in that employees need access to the software that runs machinery to be able to operate or supervise it remotely. This situation forces manufacturers to resort to the remote desktop protocol (RDP) as a means of remote access.
With the rise in remote work, companies took to installing RDP software on the personal computers of remote workers. The remote desktop protocol allows workers to access company systems remotely, from their personal devices. However, this introduces multiple points of failure, as personal devices are rarely secure enough to access sensitive company data.
Likewise, the reliance on the RDP protocol poses vulnerabilities not present in other industries. Malware that targets RDP access points is uniquely prevalent in the manufacturing industry, with 34% of all malware detections being attributed to the Morto worm. This particular worm targets RDP connections in order to gain administrative privileges over remote work systems and is frequently used for corporate espionage.
Of course, detection is the first step toward prevention, so deploying malware protection that quickly patches zero-day vulnerabilities is essential. This goes for on-premise systems as well as the personal systems of remote workers.
The Entire Supply Chain Is Affected
So, we covered what manufacturing companies and organizations need to do to protect themselves, or at least part of it. However, it’s also crucial for companies to vet their collaborators in other parts of the supply chain. Tighter collaboration between collaborators to tackle cybersecurity vulnerabilities will serve to tie up loose ends.
Remember, it’s easy to send a malicious email containing a virus from a hacked account of a trusted collaborator to other companies, crippling the entire supply chain. It’s not enough for companies to simply secure their own business; manufacturing companies need to practice due diligence when vetting partners to make sure they only collaborate with security-compliant vendors.
Here are a few ways to prevent cybersecurity threats:
- Educate employees about cybersecurity and how to recognize it. Phishing email recognition in particular is an essential skill to teach employees at all levels.
- Employ a zero-trust network by limiting access to systems and data to only the bare minimum an employee needs to perform their job.
- Employ a multi-factor authentication system, where access to data depends on agreement between several people.
- Minimize or eliminate the use of personal devices for work purposes.
- Enforce strong password rules and use single sign-on (SSO) solutions where possible.
- Keep all software updated with the latest security patches available.
There’s always more that can be done. It’s time to start thinking outside the box. Even competitors need to bury the proverbial hatchet and work together on detecting and patching cybersecurity vulnerabilities for the benefit of the industry as a whole. Collaboration and vigilance are necessary to keep the manufacturing industry safe from cyberattacks, even if it means working with unlikely partners.
