November 28, 2023 | Cybersecurity education
Cybersecurity for manufacturing: 5 helpful tips
By Field Effect
Last updated: January 19, 2024
For the second year in a row, manufacturing is the most targeted sector for cyberattacks—accounting for nearly one of every four incidents, according to data gathered by IBM. It’s a worrying trend for industry professionals, especially as smart factories become more common and threat surfaces expand rapidly.
There’s no time like the present to reevaluate cybersecurity for manufacturing companies and those in related industries. This article will help you do that with an in-depth look at the types of attacks you face, the risks they pose, and what you can do about them.
Common cyberattacks on manufacturing companies
In 2022, a key supplier of Toyota parts called Kojima Industries discovered a virus in one of its file servers. The incident forced Toyota to shut down production at 14 plants. Although they were only offline for a day, the manufacturing facilities lost output of approximately 13,000 vehicles. Experts estimate this incident cost the company about $375 million.
This story is just one example of the potentially serious impacts of cybersecurity incidents in the manufacturing industry.
Let's take a closer look at some of the most common types of attacks hackers use to target the manufacturing industry.
Phishing
According to a recent study by Verizon, the “human element” is a factor in 74% of successful cyberattacks. In other words, people making mistakes plays a role in most security incidents.
Phishing attacks purposely take advantage of the so-called human element. They use social engineering tactics to get a company's employees to share sensitive credentials or download malicious files.
Sophisticated attackers have become very good at manipulating future victims, using tricks like urgency, intimidation, or illegitimate emails that look nearly identical to the real deal. That’s why manufacturing companies should educate their employees on what phishing attacks look like and their associated risks. Using phishing simulation exercises and campaigns is a great way to do this.
Business email compromise
The 2022 Microsoft Cyber Signals Report found that there were approximately 35 million business email compromise (BEC) attempts in that year alone. BEC attacks are low-cost and can be devastating, which makes them a common choice among bad actors targeting the manufacturing industry.
In a BEC attack, a hacker may gain access to a trusted company leader’s email account and use that access to request funds, sensitive information, and other private details from employees at the same company.
These attacks can be difficult to stop because they bypass many of the cybersecurity monitoring tools companies implement. That’s why we created a guide on business email compromise attacks. You can review it to learn more about defending against them.
Supply chain attacks
Supply chains are very complex in today's globalized world. Manufacturing just one product can involve work from multiple suppliers, dozens of technologies, and hundreds of people across several countries. Bad actors try to take advantage of this through supply chain attacks.
A supply chain attack is when a hacker targets a weak link in your company’s supply chain to compromise your business’s private information. This can involve:
- Someone slipping malicious code into third-party software that gives unauthorized backdoor access to your data
- Malicious insiders at third parties in your supply chain intentionally sabotaging your company or stealing its data
- Pre-installing malware on devices used in your supply chain
- Other attacks targeting supply chain workers, technologies, and processes
To find potential weak spots in your supply chain, you first need to get a good overview of it. Once you’ve done that, you can zoom in on each step to find and methodically plug your vulnerabilities.
State-sponsored attacks
Foreign countries sometimes use cyberattacks to get privileged information from companies or disrupt their business. Given the critical role this sector plays in the broader global economy, companies in the manufacturing industry should be keenly aware of this risk.
Even though it can sound far-fetched that a government would target your company, it’s not at all impossible. For example, espionage-motivated hackers believed to be sponsored by the Chinese government recently used malware to target semiconductor manufacturers in Chinese-speaking regions.
Cybersecurity risk in the manufacturing industry
In 2023, the average cost of a cyberattack was $4.45 million. Those costs stem from lost profits, reputational damage, and money spent investigating, eradicating, and recovering from the attack.
These are expenses every business can face in the wake of a breach. However, companies in the manufacturing industry carry several heightened risks worth considering as you establish your security posture. Here are four to keep in mind.
Lost intellectual property (IP)
Companies in the manufacturing industry earn money by making things consumers want. The designs for these products are the intellectual property of the business. Bad actors can share stolen information with competitors who may use the IP to replicate your manufacturing processes with the intention of stealing your customers.
That’s why having a plan in place for protecting your company’s most valuable IP is essential. If flagship product plans get compromised and exposed in an attack, your competitive advantage could evaporate, and your business may struggle to regain it.
Disruption to operations
Cyberattacks in the manufacturing industry can also disrupt your operations. Think back to the Kojima Industries example from earlier. When the Toyota supplier got hacked, Toyota had to shut down operations at many plants, resulting in hundreds of millions of dollars lost.
This example shows how economically devastating these attacks can be, even when attackers don't steal anything of outright value. Halting your operations for even a day can have knock-on effects that stop production elsewhere, spoil supplies, and leave your business playing a costly game of catch-up.
Legal implications
You can also face costly legal issues in the aftermath of a cyberattack. These can be particularly damaging to agreements you may have with third-party suppliers and vendors.
For example, if a breach shuts down operations temporarily, you may no longer need some of the supplies you would order from a third-party business. If you have a contract in place with that supplier, there could be repercussions for failing to honor the agreement. It may also present similar issues with vendors who rely on having your products available to sell to their customers.
There are also a variety of legal issues you could experience due to lost IP or consumer data. Problems like these can be costly to recover from, potentially leaving a lasting mark on your company’s reputation. The good news is that there are a number of cybersecurity best practices and solutions you can implement to reduce your risk of attack.
Reducing cyber risk as a manufacturing company
Now that we’ve covered how manufacturing businesses get targeted by cybercriminals and some of the costly problems these attacks can create, let’s discuss what you can do about it.
Here are five tips to get you started.
Conduct a security maturity assessment
You can begin by looking at your company’s current security strategy. As you do, consider:
- What you’re doing now to protect against cyberattacks and where any gaps exist
- The data and resources cybercriminals could target
- Your internal level of cybersecurity expertise
- Other factors potentially influencing the impact of cyberattacks, such as incident response preparedness
Manufacturing companies should pay particular attention to operational technology (OT), which includes hardware and software used to monitor and control industrial equipment. The prevalence of OT devices in manufacturing businesses gives them a unique, typically larger, threat surface that bad actors can target.
Completing a thorough security analysis should help you understand how prepared your manufacturing company is to face the different kinds of attacks it may encounter.
Raise awareness and train employees
As previously mentioned, the human factor plays a role in nearly 75% of successful cyberattacks. This shows why getting your employees involved in your cybersecurity efforts is essential. Without their help, you can only do so much to keep your business safe.
You can begin by teaching your employees about the different kinds of attacks they may face. It can also be helpful to show them what those attacks look like. For example, you might share an example of a phishing email to teach your team how to spot these kinds of messages and what to do about them.
Many companies also teach employees proper cybersecurity hygiene. That means educating your team about the following:
- Setting strong passwords
- The importance of updating and patching software in a timely manner
- Multifactor authentication and how to use it
- Physical security controls like never leaving devices unattended
Consider creating policies that require things like multifactor authentication usage and passwords with special characters to ensure employees do everything they can to help you protect your business.
Limit access
You can follow every security best practice, and still, an employee’s account could end up compromised. This is a significant reason why you should consider following the principle of least privilege, which recommends that you only give employees access to the databases, networks, and systems they need to do their jobs.
The idea is that if a hacker breaches an employee’s account, they can only access a segment of your protected data instead of all of it. Limiting access can help reduce the impact of a breach if you ever experience one.
Conduct regular security audits
It’s also important to regularly reevaluate your cybersecurity posture after you have a good plan in place. Hackers are constantly searching for new ways to exploit companies in the manufacturing industry. You may need to update some of your policies and practices as new hacking methods arise.
The only way to make sure you do that in a timely manner is to evaluate your security strategy on an ongoing basis. If you need to make changes, make them quickly to plug your vulnerabilities before attackers can exploit them.
Partner with experts
Your manufacturing company may not have the internal cybersecurity experience it needs to take all of these steps on its own. That’s more common than you might think, and it’s why companies like Field Effect exist.
We offer a variety of cybersecurity solutions and services, including Covalence. As a managed detection and response solution, Covalence gives you access to technology and human experts who will watch over your business and take action swiftly if suspicious or malicious behavior is detected.
Whether you’re interested in implementing a long-term cybersecurity solution or receiving a one-time cybersecurity maturity assessment, working with an experienced firm can be a smart move.
Enhance your defense today
There’s no time like the present to start educating your employees on the importance of cybersecurity. You can begin doing that today with our Employee Cybersecurity Handbook.
It’s a free introductory handbook you can offer to employees to educate them on common threats, the best security practices to follow, and more.