During the COVID-19 pandemic, threat actors took advantage of the health crisis and the changes it wrought to attack businesses with relative impunity. Beginning in early 2020 and throughout the remainder of that year, governments and businesses around the globe reported an exponential growth in the number of cyberattacks.
In August 2020, for example, the Federal Bureau of Investigation reported 4,000 complaints a day related to cyberattacks—a 300% increase compared to pre-pandemic numbers.
For many reasons, the manufacturing sector presents a particularly enticing target for cybercriminals and nation-states. In fact, before COVID-19, manufacturers already faced significant threats. In a 2019 survey conducted by Deloitte, 40% of manufacturers reported that their operations had experienced a cyberattack in the previous 12 months.
As the virus spread around the globe, ransomware incidents reported to Beazley Breach Response Services involving the manufacturing sector grew a staggering 156% from the fourth quarter of 2019 to the first quarter of 2020.
Some of these were high-profile breaches along the lines of recent ones involving Colonial Pipeline and JBS, the world's largest meat supplier. Countless other attacks, however, didn't receive the same degree of press coverage.
Deputy Attorney General Lisa Monaco recently warned that the attacks on Colonial Pipeline and JBS were just the beginning and that the nation's CEOs should “batten down the digital hatches against an expected onslaught of devastating ransomware attacks."
Why Cybercriminals Target Manufacturers
The manufacturing sector continues to undergo seismic shifts in how it uses technology. As a result of both existing weaknesses and additional shortcomings that the pandemic uncovered and amplified, there's a frenzy of activity to modernize and digitize. This includes creating more endpoints, connecting more assets to the internet, and embracing the Industrial Internet of Things.
Unfortunately, the assets that now reside in the digital realm often rely on outdated software that no longer receives security updates or, worse, homegrown software that includes inherent vulnerabilities. And since attackers typically look to expend minimal time, effort, and expense to infiltrate an organization, the lack of robust security for newly digitized assets presents an attractive target.
Once an attacker breaches a manufacturer's defenses, they may commit run-of-the-mill fraud by compromising a company's banking logins. In fact, according to Verizon's 2021 Data Breach Investigations Report (DBIR), 92% of the 585 attacks against manufacturers included in the report involved a financial motive.
Fraud is just one risk to mitigate. Many manufacturers also create and use vast amounts of intellectual property (IP). That makes economic espionage a threat companies cannot ignore. In addition to stealing IP and selling it to the highest bidder, an attacker may also deny a company access to it until they pay a ransom for its safe return.
When a manufacturer is unable to access its IP, it may find itself forced to shut down production. This can cause untold financial damage, a decline in public confidence, and potentially increase regulatory scrutiny.
What Type of Threats Do Manufacturers Face?
Whether to engage in fraud or an effort to compromise a company's IP, an attacker needs access to a manufacturer's IT environment.
Due to its relative simplicity and effectiveness, many attackers use phishing or spear fishing techniques to breach a company's defenses. Phishing in either form involves an attacker masquerading as a trusted individual, often via email, to trick an employee into revealing sensitive data. A simple phishing attack involves targeting large groups of employees in the hopes that one or more falls for the ruse. Spear phishing targets specific individuals, such as the company's chief financial officer or members of the board of directors.
A phishing scheme can be particularly damaging, as it may take targets a while to realize they've been victimized. Having fallen for a phishing scheme, an employee may not come forward due to embarrassment and fear that their actions may result in termination. The longer it takes for a victim to come forward, the greater the opportunity for attackers to steal data and trigger mounting losses for the company.
Manufacturers also experience attacks involving password and credential stuffing. Using databases of previously compromised passwords and usernames along with a program that populates the data, attackers input combinations of login data in the hopes of finding a combination that grants access to a company's network. Companies with employees whose credentials were exposed in prior breaches are particularly at risk.
Whether a criminal uses phishing, attempts to combine compromised usernames and passwords, or chooses to employ some other form of attack such as malware, manufacturers face a serious and pervasive threat.
Withstanding the Onslaught
Despite the ceaseless cyberthreats manufacturers continually face, there's a great deal they can do to protect their data and shore up the security of their IT environments.
Manufacturers must, however, improve security awareness at every level of the company. Employees, executives, members of the board, contractors, and suppliers must understand the severity of these threats and recognize their individual role in detecting and preventing attacks.
To underscore the importance of education, the Verizon 2021 DBIR identified security awareness and skills training as the top protective control for manufacturers to deploy. Additionally, it included access control management, as well as secure configuration of enterprise assets and software, as necessary to combating potential threats.
Additionally, manufacturers must identify and remediate vulnerabilities before they provide a pathway for an attacker to exploit. Given the rush to digitize to stay competitive in today's hyper-competitive global marketplace, taking the time to focus on security can prove difficult. In fact, putting security first may mean delaying another technology initiative.
Outsourcing as a Solution
The manufacturing sector now finds itself in the middle of a radical technological transformation. While digitization will catapult many companies to previously unimaginable levels of productivity and performance, reinventing how manufacturers operate comes with risk.
For manufacturers that compromise on security, it may be merely a matter of time before attackers swarm and breach their defenses. As a result, manufacturers must invest in an effective program and empower those responsible for mitigating the threat. This includes providing cybersecurity staff with access to senior executives who can support their efforts and grant them authority to make operational decisions related to security.
Given the unrelenting pressure to secure the enterprise, as well as the complexity and cost of doing so, a growing number of organizations outsource all or part of their cybersecurity program. By doing so, these companies gain access to dedicated cybersecurity teams, staffed around the clock, who possess the latest threat intelligence and employ best practices gathered from numerous industries.
Learn how the Arctic Wolf Concierge Security® Team protects organizations in all industries, including manufacturing. And find out more about what we do for the manufacturing industry specifically.