Protecting the production line
The value of
cybersecurity to
manufacturers
Contents
Data-driven
manufacturing means higher
rewards and risks
Technology innovations have propelled manufacturing forward in the last decade. Automation speeds up production lines, predictive technology and data analytics help to improve processes and resolve issues faster, and cloud computing connects data across multiple locations to increase efficiency, to name just a few.
But, the volume of technological advances alongside growing supply chains and reliance on SaaS for everyday operations means the average manufacturing tech stack is large. When it comes to proper IT management, manufacturers have a lot of responsibility on their hands. What once was easy to manage is now difficult to keep track of.
And, hackers are aware of this potential vulnerability. Manufacturing is now the most targeted industry for cyberattacks. In this guide, we explain common risks and ways to protect your business from threats.
Manufacturing by numbers
The security landscape
Managing cybersecurity and risk effectively is a difficult task, and it’s one that the manufacturing industry has yet to master because of its complexity.
Attacks are common, manufacturers don’t always have full visibility of their security or vulnerabilities, and growth is restricted as a result.
Every minute
State-sponsored hackers attack healthcare manufacturing companies like Johnson & Johnson every minute of every day.
90%
of manufacturers can detect cyber events, but few extend those capabilities to operational technology.
56%
of manufacturers say that they don’t have enough people to handle the increasing volume of security events.
Understand
common threats
Know which attacks are most common in your industry, how they occur, what they look like, and what you can do to prevent them. Get a good understanding of your vulnerabilities so you can prioritise how to remedy them to make your business less accessible to threat actors.
The 5 biggest cybersecurity threats to manufacturers
Ransomware
65% of ransomware attacks target manufacturers
Phishing
91% of all cyberattacks begin with a phishing email
Industrial IoT Attacks
69% of industry leaders expect IoT attacks to
increase in the coming years
Intellectual property theft
34% of manufacturers say IP theft is their biggest cyber threat
Supply chain attacks
69% of industry leaders expect IoT attacks to increase in the coming years.
Production grinds to a halt at Toyota
A supply chain attack reduced production to a third of its global output. 28 production lines were forced to stop for at least a day when a top tier supplier directly connected to Toyotas production control system, suffered a breach.
Industry-specific risks
Many processes in manufacturing are dependent on one another, and theres often a complex web of systems and equipment linking everything together. From raw materials or parts to equipment for production and distribution, the number of processes and logistics to keep things on schedule can be overwhelming. And a single compromised component can bring operations to a grinding halt.
Hackers know this, which makes manufacturers a great target. One successful attack could cost millions in lost revenue and give a threat actor the notoriety they’re looking for. This is a particularly big risk because supply chains are vast some manufacturers have tens of thousands of suppliers which gives hackers even more opportunities to compromise your systems and processes.
Using smart machinery, though fantastic for speed and production levels, also creates more opportunities for attackers. And, as more back office staff work remotely, unsecured networks could cause problems, too. Theres a lot to be aware of and keep up to date as processes and the way we work change.
WannaCry ransomware attack
WannaCry ransomware attack exploited vulnerabilities in unpatched versions of Microsofts Windows operating system to compromise over 230,000 computers across the globe. Among the victims was global car manufacturer, Renault-Nissan.
Year: 2017 Attack type: Ransomware Scale: Company
LockerGoga
Global aluminium producer Norsk Hydro had to temporarily suspend production after falling victim to a LockerGoga ransomware attack. The attack affected 160 plants across 40 countries and cost the manufacturer an estimated $35m-$41m in just one week.
Year: 2019 Attack type: Ransomware Scale: Company
Operation CuckooBees
The Operation CuckooBees campaign used zero day software exploits to steal intellectual property and trade secrets from technology companies across East Asia, Western Europe, and North America. Investigators attributed the campaign to Winnti, a state sponsored Chinese threat group. Due to its complexity and scale, investigators say it’s impossible to measure the campaigns financial impact.
Year: 2019-2021 Attack type: IP theft Scale: Global
Colonial Pipeline attack
The 2021 Colonial Pipeline ransomware attack made global headlines when it brought operations to a halt at a major US oil pipeline. The attack, which caused President Biden to declare a state of emergency, affected consumers across the east coast and triggered a four cent increase in fuel prices. It remains the largest publicly disclosed cyber attack against critical infrastructure in the US.
Year: 2019 Attack type: Ransomware Scale: Company
Nvidia LAPSUS$ ransomware attack
Nvidia, the US largest microchip manufacturer, suffered severe outages in its internal network for two days in February 2022 following a targeted supply chain attack. As well as disrupting production, hackers belonging to the LAPSUS$ ransomware group successfully stole 1TB of technical data.
Year: 2022 Attack type: Supply Chain Scale: Company
Visser Precision
Visser Precision, a space and defence manufacturer, suffered an attack where sensitive documents were stolen and published online. The hackers asked for $2.3 million in ransom, which the company refused to pay. Amongst the sensitive documents stolen were non disclosure agreements with Tesla, SpaceX, and General Dynamics as well as a schematic for a missile antenna.
Year: 2019 Attack type: Ransomware Scale: Company
JBS
Global food company, JBS, experienced a ransomware attack on its servers by REvil. The attack caused meat production to grind to a halt for more than five days, compromising food supply and prices for consumers, and cost $11 million in ransom.
Year: 2021 Attack type: Ransomware Scale: Global
Securing your business
Every business is a target for hackers, so its important to maintain your security. Here are some top tips for securing your business so it’s less susceptible to attacks and better at responding to them if they do occur.
Update software regularly
Install patches as soon as they re released to ensure your applications and software are up to date.
Strengthen your password policy
Have an organisation wide password policy that stipulates what criteria users must meet to set appropriate passwords and how often to change them. Set up multi factor authentication using tools such as Google Authenticator to add an extra level of security.
Protect yourself first
Build a solid foundation based on cybersecurity best practices to keep your processes, systems, data, and employees secure.
Control access
Limit exposure to sensitive data by ensuring employees can only access the data they need. Set up different access levels to make this easier and give employees user profiles based on their permissions.
Staying safe
A one-stop shop to reduce your cyber risks by 98.5%
If you’re looking for a simple way to master the fundamentals of security, an accreditation like Cyber Essentials is a good place to start. It includes a set of five controls around firewalls, internet gateways, secure configuration, access control, malware protection, and patch management, with a checklist of criteria you must meet for each. The guidance is clear and will help you get a robust level of cybersecurity across all important areas, rather than tackling things one at a time.
If you want to continue your accreditation journey, there are more complex options to work towards, too. After gaining your Cyber Essentials certificate, you can go for Cyber Essentials Plus and ISO 27001.
All of these accreditations will help you to maintain a recognised standard of cybersecurity in your business.
Encrypt data
Encrypt sensitive data so that, in the event it’s stolen, it’s unreadable without the encryption key.
Train your employees
Empower your employees with the knowledge to confidently keep hardware, software, data, and systems safe. Have regular refresher sessions to keep security front of mind, and deliver information in digestible chunks.
Respond to incidents effectively
Prevention is better than cure, but it helps to be prepared for every eventuality. One way to respond to incidents is through a security operations centre (SoC). But just 17% of manufacturers have SoCs that operate 24/7, which could waste several precious hours if an attack occurs outside of its operation. For complete peace of mind, it’s worth looking at 24/7 SoC options. Third parties can provide this for you to take pressure off your IT team.
Staying safe
Secure your supply chain
Because supply chain attacks are so popular with hackers, you need to secure yours. This is a growing trend, with 95% of organisations increasing their focus on third party risk assessment
Talk to your suppliers
Understand where your suppliers and partners are with their cybersecurity and share your experiences. Keep an open dialogue so you’re front of mind if they suffer an attack.
Risk assess
Find a controlled, detailed way to assess supplier risks. Talking to them is a good start, but having structured risk assessments to measure their approach against your needs is going to speed the process up, especially for manufacturers with thousands of suppliers.
Make good cybersecurity practices contractual
Establish what you expect from your suppliers around cybersecurity and apply those principles to contracts. An agreed level of acceptable cyber hygiene sets expectations and keeps suppliers accountable. For some businesses, requiring that anyone you work with completes Cyber Essentials certification will be enough. For others, something more comprehensive like ISO:27001 certification might be better.
Follow the NCSCs guidance
If you ever want to find out more about supply chain best practices, the National Cyber Security Centre (NCSC) has some useful guidance and information.
The benefits of robust cybersecurity
There is more to cybersecurity than peace of mind
For objectively little effort and investment compared to that needed if you face an attack, you’ll get a lot back from prioritising security
Preventing disruption
Implementing strong cybersecurity tools and processes, such as regularly backing up data, will help you minimise the impact of cyber attacks on your operations. Any time you prevent a disruption you’re enabling business continuity, which means more uptime, more profit, and better results for your business.
Building trust with partners and customers
As a manufacturer, you re reliant on your supply chain but you’re also part of a supply chain. That means other companies are counting on you to stay secure. Doing so will build trust and strengthen your partner relationships.
Having comprehensive security practices will also resonate with customers and protect your brand reputation, which is only too easy to damage.
Saving money
Far from a cost centre, research shows that investing in cybersecurity pays off in the long run. It costs significantly more to recover from cyber attacks than it does to protect against them. The average IoT attack costs manufacturers $330,000, on average a drop in the ocean compared to annual cybersecurity costs.
Qualifying for government contracts
Government contracts are a vital revenue source for many UK manufacturers. But with cybersecurity under greater scrutiny than ever, public sector organisations only allow manufacturers with an active Cyber Essentials certificate to bid for government tenders. Getting accredited will help you expand your portfolio of customers and build lasting partnerships.
Increasing productivity
Building a good base level of cybersecurity frees up time to focus on operations, improving productivity. You’ll need to stay on top of security, but it’ll be much easier to maintain when you have a strong foundation.
Earlier threat detection
Investing in 24/7 security monitoring gives you the comfort that no matter what time disaster strikes, someone will be on hand to alert you and help stop it, minimising the extent of the damage caused.
Your cybersecurity journey
Shape up your manufacturing cybersecurity
It’s not easy being one of the most targeted industries for cybercrime. But, don’t let the threat scare you. Instead, let defending yourself against ill intentioned criminals put fire in your belly to make their job as difficult as possible.
Take sensible, steady steps to improve your security, save money, and improve productivity. The benefits will outweigh the time and money needed to set up your defences and far outweigh the cost of a breach, so you’re guaranteed a good ROI.
Remember, if you are looking for a straightforward way to cover the fundamentals of security in one go, you can work towards an accreditation like Cyber Essentials. And, if you don’t want to leave threat detection to your already stretched IT team, you can outsource to a dedicated third party. With the fundamentals covered, you can then focus on what to do next to continue your cybersecurity journey.
For support with accreditations, 24/7 threat detection, cyber insurance, and more, get in touch we re happy to help.