Stopping Cyber Attacks in Manufacturing
by Serena Raymond on Apr 23, 2021 12:00:00 AM
Here’s an unsettling trend for our friends in the manufacturing industry: a recent survey found that most manufacturing executives feel they can no longer keep pace with cybersecurity threats.
The report posits that the threat of manufacturing cyber attacks have overwhelmed the resources of 53 percent of respondents, who say that their security workload either “somewhat” or “significantly” exceeds the current capacity of their team.
While this is a disturbing statistic, it is by no means surprising. Manufacturing cyber attacks are increasing and evolving rapidly. Legacy equipment is replaced by state-of-the-art technology, but as the manufacturing industry undergoes digital transformation, new vulnerabilities emerge.
An overview of recent manufacturing cyber attacks
In Verizon’s 2020 Data Breach Investigations Report, it’s discovered that three out of every four manufacturing cyber attacks were perpetrated by external threat actors. Seventy-three percent of attacks were financially-motivated, while the remaining attacks were considered “espionage.”
According to a report by the Wall Street Journal, manufacturing is one of the most vulnerable industries based on their lack of preparedness for a cyber attack. Manufacturing as a whole was the least likely to have:
- An in-house cybersecurity program
- A dedicated budget for cybersecurity
- An incident response plan
- Ongoing cybersecurity training
Fewer than two thirds of manufacturing companies even have a cybersecurity program. Which is bad news considering they’re one of the most vulnerable industries. In just one year, 40% of manufacturing companies were the victims of a cyber attack. Of those impacted, 38% dealt with over $1 million in damages.
In 2020, a parts manufacturer called Visser Precision became the victim of a ransomware attack and put clients of theirs (such as Lockheed Martin, SpaceX and Tesla) at risk. The ransomware used in this attack is known as DoppelPaymer. The ransomware first exfiltrates then encrypts files, before publishing the “files as leverage in their ransom payment negotiations.”
One of the most devastating attacks on manufacturing occurred in 2017. Mondelez, manufacturer of globally recognized snack brands such as Oreo and Ritz, was the victim of a NotPetya ransomware attack:
...the American food products offering company says that it was targeted two times by NotPetya in 2017 with over 1700 servers and 24,000 laptops rendered mal-functional on a permanent note.
Based on projected loss of sales, expenses related to the attack, and recovery work, the estimated cost of this cyber attack had a price tag of $150 million.
The Impact of attacks on manufacturing
The most common manufacturing cybersecurity threats include data theft, ransomware, phishing, supply chain attacks, and IoT attacks. They involve theft of data; loss of trust, time, and valuable resources; and can incur devastating costs. Malicious actors steal credentials, expose sensitive data, and hold intellectual property ransom (or sell to competitors).
Some attacks impact operations so severely that manufacturers are forced to pause operations, close plants, renege on customer orders, and spend hundreds of millions of dollars in an effort to recover from the event.
For manufacturers, the risk has clearly become too great to ignore. What, then, can you do to protect yourself from manufacturing cyber attacks and ensure that your organization doesn’t experience devastating downtime?
How to stop manufacturing cyber attacks
Manufacturing companies seem to struggle with cybersecurity education, so they need to make a greater effort to train employees to recognize threats.
Know the signs and mitigate your vulnerabilities. Train your employees to recognize phishing scams, conduct background checks for everyone on your team, and control which users have access to what data. Take your cybersecurity policies one step further: educate your entire company so that collectively you can spot any suspicious or malicious activity before it has the opportunity to develop into something more.
Beyond employee education and training, create a plan to update your systems. Be aware: undertake your technology upgrades with great care, because while legacy systems have their own vulnerabilities, remember that system updates come with their own risks. As you digitize more aspects of your operations, you’re simultaneously increasing the digital footprint through which a cyber criminal can potentially attack.
As you expand your technology stack and integrate on-premise hardware with cloud-based software, it’s important to establish centralized oversight. What systems hold sensitive data? How is each aspect protected? Look for cybersecurity solutions that have the ability to secure your oldest hardware and your newest systems. Fragmentation leads to vulnerability, but with the right solution and coordinated efforts, you greatly reduce your risk of attack.
DNS filtering is one such security measure that protects your organization (from ransomware, phishing, malware, and more) across your entire network.
Devote resources to employee education, IT security efforts, and protective technology.
As you invest in new technology and tools, take the time to update your cybersecurity plan as well. The threat landscape continually changes, and your plans should, too. Establish a cybersecurity budget, if you haven’t already. Determine critical information: who to contact in the event of an incident, where (and how) to store back-up data, and what to do in the moments immediately following a security breach.
Your manufacturing IT team is already performing a balancing act in securing your organization’s network. You’re responsible for systems that are being accessed by employees on the road, in manufacturing plants, and guests accessing campus systems. You monitor on-premise hardware, IoT devices, legacy technology, and cloud add-ons. Your jurisdiction spans a wide location, sometimes multiple countries. If you experience a cyber attack, you need to be prepared. A detailed plan will be invaluable in the event of a breach — your team needs to be well-equipped to stop a manufacturing cyber attack, not reactive after a breach occurs.
Whether it’s malware, ransomware, phishing, or a host of other malicious attacks, the threats faced by manufacturers are all too real (and all too common). Cyber criminals consider the manufacturing industry to be a high-value target. The biggest manufacturing cyber attacks are proof that no company is immune from attack, and failure to protect your organization can lead to devastating consequences.
As you look to invest in new cybersecurity measures and reexamine existing resources, remember to focus on the entirety of your organization: from your oldest piece of hardware to your newest software integration.
DNSFilter is designed with the manufacturing industry in mind. We’re a cloud-based security solution, but our protection secures so much more than your employees’ smartphones. There are three different ways to deploy our solution, and if your organization requires it, you can use each deployment method. That means implementing the solution per device, across a local network, and through a virtual machine to meet your needs.
We believe in doing whatever it takes to protect our customers from cyber crime, and that includes providing flexibility in how you set up your DNS security.
Start your free trial today to see how your organization can benefit from DNS security.
The shift from in-office to remote work happened (quite literally) overnight. Work from home was forced onto many during the onset of the COVID pandemic, and it was astonishing how quickly people and organizations alike adapted to this new work style.
Zero Trust Network Access (ZTNA) is a cybersecurity paradigm that is rapidly gaining popularity among IT professionals. At its core, ZTNA is about moving away from the traditional network-based security perimeter approach and instead focusing on the users, assets, and resources that make up a system.
When DNSFilter was founded in 2015, we had a vision to build a product that would keep people and businesses safe and secure while they were using the internet. As a part of that vision, we have also worked diligently to ensure our growing organization maintains a high level of information security.