Cyberthreat grows in Manufacturing

Digital transformation in the manufacturing sector has brought increased efficiencies, growth and profitability. However, in parallel it has also exposed the sector to increased instances of cyber crimes as malicious actors continuously look for vulnerabilities to exploit through an ever growing sophistication in their approaches. 

A report from the World Economic Forum (WEF) says for the second year in a row, manufacturing has seen the most targeted cyberattacks with 2022 alone witnessing a doubling of ransomware crimes on industrial infrastructure. In order to boost awareness towards this growing trend, the WEF is convening stakeholders to build global commitments. 

Building awareness is the key challenge 

In a note, the WEF says strengthening cyber resilience across the industrial manufacturing system by building awareness among decision-makers and mobilizing global commitment is crucial. Towards this end, the new initiative will define key guiding principles and practices for collective responsibility in the manufacturing ecosystem. 

Both public and private sectors will be joined by academia in defining the principles based on five cyber resilience pillars of (a) developing a cybersecurity culture from the shop floor to the C-suite, (b) adopting a risk-based approach to identify, protect, and monitor critical assets, © planning an incident management process, (d) hardening the assets and the industrial control system environment and (e) managing ecosystem risks.

Chances of ripple effects of cyberattack is more

The WEF note says that In the manufacturing ecosystem, production facilities are spread worldwide and each producer is also a consumer and vice-versa. Therefore a cyberattack on one company can have ripple effects across the ecosystem, with costly consequences.

The resulting risks are systemic, contagious and often beyond the understanding or control of any single entity. A new report found that 98% of organizations have a relationship with a third party that has been breached. In comparison, more than 50% have an indirect relationship, with more than 200 fourth parties experiencing breaches. A recent example is the ransomware attack on a semiconductor industry supplier, which cost $250 million in the next quarter.

Increased digitization brings its own challenges

The scaling of advanced technologies, such as the industrial internet of things (IoT) and automation, and the increased digitalization and connectivity taking place with the fourth industrial revolution, have greatly improved the efficiency and productivity of manufacturing companies globally.

According to research, the sector’s five main threats are phishing attacks, ransomware, intellectual property (IP) theft, supply chain attacks and industrial IoT attacks. A recent report has also found that in 2022, victims in manufacturing accounted for 30% of incidents that resulted in extortion.

Manufacturing companies are a lucrative and accessible target for ransomware due to their low tolerance for downtime and the relatively low level of cyber maturity concerning other sectors. In addition, manufacturing industries often lag in investment into cyber resilience due to the extended production cycles and the hefty investments needed to re-design manufacturing lines.