Manufacturing remains one of the most highly targeted industry sectors, according to our latest Global Threat Intelligence Report. In the UK, for example, it is second only to the technology sector with 20% of all attacks. What’s more, half of all attacks on manufacturing come from three attack sources – China (27%), the US (16%) and Russia (6%).
So why is this happening? As manufacturers experience the benefits of automation and the emergence of interconnected and intelligent production systems, the lines between traditional and digital manufacturing are blurring.
In the past, Operational Technology (OT) has been protected from hackers because proprietary systems weren’t connected to the internet. So-called ‘security-by-obscurity’ worked for decades, but connectivity and convergence with IT brings greater risk.
Firms are understandably looking to add intelligence to their OT systems to drive process efficiencies and cut costs. However, many systems are running outdated software or protocols that can be easily hacked. OT machinery is often expensive, meaning replacement cycles could extend for decades. But they cannot be taken offline to patch as they are mission critical, and no parallel testing environment exists for software fixes to be tried out.
It’s no surprise, then, that manufacturers are attractive to attackers who see them as a prime target for the theft of IP and intelligence on new products, processes or technologies, for the disruption of operations, and for hijacking networks to launch an attack into other organizations. This could be very damaging if it is then sold on the dark web to the highest bidder. Years of hard work and brand building – and a lot of money – are wasted.
Data breaches could also impact the company’s finances. In fact, around a third of manufacturing organizations believe that revenue would drop by 10-50% following an information security breach according to our 2019 Risk:Value Report.
Manufacturers therefore need to extend their IT risk management approaches into the OT sphere. IT and OT teams have to do a better job of communicating with each other. Historically these have been separate, with differing security priorities. This needs to change as the new era of smart manufacturing, the Internet of Things (IoT) and hyper connectivity heralds new risks.
Here’s what the manufacturing industry can do to future-proof its assets:
- Get the basics right – people, for example, are often a manufacturer’s greatest threat so invest in staff awareness training, and highlight the importance of collective responsibility.
- Implement robust holistic security processes and procedures.
- Develop threat intelligence capabilities. There is no such thing as an isolated incident so you need to manage the whole incident by developing threat intelligence – pervasive visibility is essential.
- Assess your OT network. Most OT networks have very little segregation and allow an attacker unilateral access after breaching initial defences. Implementing additional OT firewalls within the network will protect core assets.
- Establish the baseline – understand what ‘normal’ looks like and build detection capabilities for abnormal conditions.
- Put in place incident response capabilities – having an effective plan is key and enables you to respond quickly in order to mitigate the threat and identify the cause.
Finally, it’s important to factor in any potential regulatory or compliance requirements, such as the General Data Protection Regulation (GDPR), which could see companies hit with huge fines for non-compliance. Manufacturers are not immune. Understand where your data is held, ensure it is secure, and be clear on who can (and cannot) access and share it.