IBM’s “X-Force Threat Intelligence Index” report sheds light on how ransomware and vulnerability exploitation were the biggest causes of concern for businesses last year, especially in the manufacturing sector. In 2021, burdens on supply chains wreaked havoc on the manufacturing industry, which is still recovering from the losses after the COVID-19 pandemic.

To that end, cyber criminals wasted no time in attempting to fracture the backbone of global supply chains, with 23% of attacks targeted towards manufacturing. Taking advantage of the ripple effect in manufacturing disruption, bad actors pressured supply chains into paying ransom especially since halting operations in the manufacturing environment can result in multi million dollar losses. In fact, NTT’s Global Threat Intelligence Report shows that attacks amidst global destabilizing events grew by 300% in 2021.

In the same IBM report, we see that 47% of attacks on the manufacturing industry were the result of software vulnerabilities that weren’t patched, building the case of how critical it is to prioritize vulnerability cybersecurity. This comes as no surprise as many existing systems in the industry were developed at a point in time when security was much less of an issue as it is right now.

According to the Organization of American States and Trend Micro, cyberattacks against critical infrastructure are most likely to target industrial control systems rather than steal data, with critical infrastructure suppliers showing over 54% reported attempts to control systems.

Operational Technology (OT) security is a set of practices and technologies leveraged to protect information, assets, and people, as well as monitor devices, processes, and events. Traditionally, OT security was not necessary because OT systems were not connected to the internet, and as such, they didn’t pose any form of concern for manufacturers.

OT devices didn’t need security measures designed to protect them against external threats, meaning companies are currently using said devices with a complete lack of security practices. OT devices can be exploited by cyber criminals to access a network or perform equipment sabotage, which is dangerous and can lead to devices behaving harmfully.

For example, one of the first forms of OT attacks was the Stuxnet malware which interrupted operational technology in an Iranian nuclear plant, causing hundreds of centrifuges to spin out of control and self-destruct. Another example is the Triton malware which was launched in a petrochemical plant in 2017 and was used to override security shut-down equipment. The implications of these types of attacks are not only significantly damaging to the day-to-day operations of companies, it can also lead to mass human casualties.

The rise in manufacturing cybersecurity attacks is mainly due to the lack of segmentation making it difficult to isolate attacks and ends up causing widespread damage to the entire network. The close-knit and spaghetti-like structure of IT infrastructures in the manufacturing industry is designed in such a way to streamline processes and decrease overall costs.

It is that same structure that can bring companies to their knees if an attack hits. Such is the case of Maersk, who handles one out of seven containers shipped globally. In 2017, the shipping giant suffered outages across the world to their computer systems after a malware quickly spread throughout their network. The ten-day IT outage is something that only a handful of manufacturers could withstand.

Another case where a manufacturer’s infrastructure was targeted, we find Norsk Hydro, a multinational aluminum manufacturer who was forced to close several plants after a ransomware attack on their infrastructure. The attack damaged IT systems across several business functions like smelting plants in Brazil and Norway. Estimations claim the attack costs reached $71 million.

As 5G networks continue to evolve and expand, we’ll be seeing plenty more connected IoT devices and sensors in the manufacturing industry. The IDC Worldwide Global DataSphere IoT Device and Data Forecast, 2019-2023 report estimates there’ll be over 41.6 billion connected IoT devices in 2025 and will be generating over 79.4 zettabytes of data.

Of course, the rise of connected devices also brings network vulnerabilities that can lead to large-scale attacks. In short, the more connected your company is, the more vulnerable it becomes because of the extended digital footprint.

Connected IoT devices create individual entry points into a company’s network, making it critical to ensure each device is trusted and patchable. It’s also key to consider a device’s lifecycle as devices purchased 8-10 years ago may not be patchable now.

Most of the security measures used today are outdated as 5G makes it possible for cyber attackers to get in and out of a network with unparalleled speed.

By nature, cyber attackers are always preying on vulnerabilities. Industries like financial services or telecommunications are much more mature in terms of cybersecurity strategies than manufacturing, and as such have a much better understanding of risk management, monitoring, and threat remediation. The manufacturing industry is like a candy store for cybercriminals who have matured their ransomware and automated their processes.

It’s not optional for manufacturers to invest in cybersecurity measures at the Edge and IoT infrastructure levels to build resiliency, establish formal cybersecurity governance, and prioritize remediation actions based on risk profiles.