Clearly, vulnerabilities in the manufacturing sector mean that the impact of a cyberattack can be significant. In May, the WannaCry ransomware worm affected companies in over 150 countries and was dubbed the largest ransomware attack in history.
As factories and processes become increasingly digitalized, the threat of cyberattacks continues to grow. With hacking frequently making headlines—consider the WannaCry ransomware attack in 2017—you would assume that manufacturers have implemented protective measures to prevent similar threats from disrupting their operations. However, government research has found that this is not actually the case.
In a survey of the 350 largest companies in the UK, more than half (54%) stated that cyber threats are the greatest risk to their business operations. Despite this, 68% of boards reported that they have not been trained to respond to an attack, while one in ten said they have a response plan in place should an incident occur.
Clearly, UK companies are largely unprepared for the increasing likelihood of a cyberattack. It seems many believe it is merely a possibility rather than a reality. However, the truth is that cyberattacks are now occurring against manufacturers, and if you don’t protect your company, you could be next.
In this blog post, I will discuss the growing cyber threats facing manufacturers, the potential impact an attack can have, and how you can safeguard your company.
The Impact of Cyberattacks on Manufacturing
It is clear that vulnerabilities in the manufacturing sector mean the impact of a cyberattack can be substantial. In May, the WannaCry ransomware worm affected companies in over 150 countries and was described as the largest ransomware attack in history.
Renault-Nissan fell victim to the attack, disrupting or even temporarily halting production processes and ultimately affecting manufacturing output. The attack occurred on a Friday, and it wasn’t until Monday that the issue was largely resolved. The financial impact of the attack is unknown, but given its scale, it was likely significant.
After this initial WannaCry outbreak, the ransomware resurfaced in June when it was found on computer systems at Honda. Upon discovery, the production of 1,000 cars was halted at the Sayama automotive plant outside Tokyo. The attack was reportedly due to Microsoft systems not being updated to patch a previously identified vulnerability.
These cyberattacks are not solely about halting production; in 2015, Duuzer—a backdoor Trojan—targeted South Korean manufacturing organizations, stealing sensitive information from their systems.
Of course, in manufacturing, there is a very real risk that production processes themselves could be altered. For example, if hackers modify design files or settings—even in minor ways—it could result in the production of incorrect parts and products, essentially leading to significant waste and financial loss for the company, as well as potential safety hazards if the products reach the public.
Why Manufacturers Are a Target
The manufacturing sector suffered the highest number of cyberattacks in 2021.
For the first time in five years, the number of cyber incidents in manufacturing surpassed those in the finance and insurance sectors, according to IBM’s X-Force Threat Intelligence Index report. Threat actors understand the critical role of manufacturing in the global supply chain and are seeking ways to disrupt these organizations. Companies in the sector are common targets because their systems are often vulnerable, which immediately creates issues in production and supply chains. This makes ransomware demands more likely to succeed.
IBM analyzed data from endpoints, networks, and detection devices, along with incident response data and tools such as phishing kits. The report concluded that in 2021, nearly a quarter of all attacks were aimed at industrial sectors.
The tech giant’s security division observed a 33% increase in cyberattacks last year. Forty-seven percent of these attacks could occur due to organizations not properly managing their patches. Phishing remains the most common cause of cyberattacks, with 44% of ransomware attacks successfully executed this way. Security experts also noted that ransomware targeting Linux rose by 146% in 2021.
Enhancing Cybersecurity in Manufacturing
If reading this blog has left you feeling concerned about potential vulnerabilities in your company, it’s time to take action. But how can you improve cybersecurity to avoid becoming another example of the impact these threats can cause?
It’s easy to think that using digital software and systems might do more harm than good. However, as discussed in previous blog posts, the benefits IoT brings in efficiency and productivity far outweigh potential security concerns.
Clearly, the solution is not to avoid digital technology; rather, it’s about putting the right processes in place to get the best of both worlds while protecting your systems from attacks. Keep the following essential tips in mind:
- Proactively protect your business — don’t wait for an attack to occur before securing your systems. Implement measures now to safeguard against future losses.
- Develop a contingency plan — if an attack happens, how will your business respond? Establish a plan to minimize the disruption caused by an incident. Running simulations can be helpful if you’re unsure of potential outcomes.
- Provide employee training — related to the above, training staff on cybersecurity is critical. Conduct regular training sessions and outline expectations in company handbooks and contracts.
- Keep systems updated — one of the easiest ways to protect your business is to keep your systems current. Don’t just click “remind me later.”
- Allocate a cybersecurity budget — dedicate time, resources, and funding to cybersecurity to make it an intrinsic part of your processes, rather than a minor area that can be easily overlooked.
Don’t leave cybersecurity in manufacturing to chance; take action now to ensure the safety of your critical business processes and data for the future.
