The manufacturing industry is facing a substantial increase in cyber attacks, with last year's victims ranging from tire and steel producers to wind turbine manufacturers. A recent report revealed that over 70% of all ransomware attacks in 2022 targeted businesses in manufacturing environments or connected to the manufacturing industry, impacting at least 437 manufacturing entities around the world. As the manufacturing industry becomes increasingly interconnected, with network controlled machinery for producing products, the risks and challenges of securing these environments continue to grow.
Legacy equipment has been identified as one significant vulnerability in manufacturing environments due to many interconnected machines using legacy, out dated & insecure operating systems that pose a significant threat to business security. In many cases, businesses can not update these machines as they are purpose built to specifically work with older operating systems and would not work if upgraded. As such it is important that businesses ensure that they have robust physical, network and endpoint security, good identity and access management, and data protection measures such as encryption, data loss prevention, and data leak prevention.
Email communication presents another major vector for cyber attacks in the manufacturing sector. Without the correct email security solutions in place, unsigned emails can lead to brand or identity spoofing, which can increase the potential for phishing, ransomware or other malware attacks. Jason Rebholz, CISO at Corvus Insurance, has also highlighted the need for manufacturing firms to scrutinise the security measures of their third-party vendors, who supply raw materials for production. We have been working with businesses throughout the region to emphasise that companies should implement regular audits and certification checks through vendor management and procurement approval processes to mitigate many of these risks.
As manufacturing embraces digital transformation and connectivity, the industry must remain vigilant in the face of ever evolving cyber security threats. By addressing vulnerabilities in legacy systems, refining email security practices, and ensuring the reliability of third-party vendors, the manufacturing sector can better protect its operations and valuable data from malicious actors.