
System intrusion remains a major cybersecurity threat for manufacturers

By Staff Writer

Added 19 June 2024

As manufacturing becomes more interconnected, it becomes increasingly vulnerable to crippling cyber-attacks that can disrupt production lines or compromise sensitive data. In an interview with Nisha Shukla, Anshuman Sharma, Director of VTRAC Cybersecurity Consulting Services at Verizon Business, shared interesting findings from their recently unveiled survey: The Verizon Data Breach Investigations Report 2024. He also delved into recommended standards and frameworks for managing cybersecurity and how businesses can protect themselves against cybersecurity threats in 2024.

What are the unique cybersecurity challenges faced by manufacturing companies compared to other industries? How do legacy systems in manufacturing plants affect cybersecurity strategies?

Manufacturing companies operate in a dynamic landscape where the intersection of technology and production processes presents unique cybersecurity challenges. The convergence of IT and operational technology (OT) creates a complex attack landscape which exposes both IT data and critical industrial processes to cyber threats. Additionally, manufacturing companies face the challenge of securing complex supply chains, which creates a web of vulnerabilities, making it difficult to secure interconnected networks.

Legacy systems further complicate things. Manufacturers build new systems on top of legacy systems, and this may result in outdated protection measures. These systems often lack robust security features, making them especially vulnerable to cyberattacks. Their limited visibility and control make it hard to implement modern security tools. Upgrading these systems can be expensive and disruptive to production. However, failing to address security vulnerabilities in legacy systems leaves manufacturers exposed to a wide range of cyberattacks that can disrupt operations, steal intellectual property, or even cause physical harm.

According to The Verizon Data Breach Investigations Report 2024, system intrusion continues to hold the top spot in the manufacturing sector when it comes to cybersecurity breaches. What other patterns did you observe in the report, and how can manufacturers avert such breaches in advance?

The Verizon Data Breach Investigations Report 2024 confirms that system intrusion remains a major cybersecurity threat for manufacturers. The report also highlights that a concerning 83 per cent of breaches in the manufacturing sector stem from three main attack patterns:

System intrusion: Often involving the use of stolen credentials to gain access, this is the most common pattern, present in 25 per cent of manufacturing breaches. Attackers frequently deploy ransomware, which was involved in 35 per cent of breaches in this sector.

Social Engineering: Social engineering attacks target the human element of cybersecurity. Malicious actors manipulate employees into revealing sensitive information or granting access to systems.

Miscellaneous Errors: Errors, particularly misdelivery, accounted for 48 per cent of error-related breaches. Data loss (20 per cent) and misconfigurations (18 per cent) highlighted the importance of robust device security and standardised system configurations. Additionally, attackers exploit vulnerabilities in web-based applications used by manufacturers, such as supplier portals or customer order systems, to steal data or compromise systems.

What role does the Internet of Things (IoT) play in increasing cybersecurity risks in manufacturing? What are the other factors exposing businesses to cybersecurity risks?

Manufacturing facilities are embracing the Industrial Revolution 4.0, with interconnected machines and sensors promising increased efficiency and productivity. However, this integration with the Internet of Things (IoT) introduces a new set of cybersecurity challenges.

Increased Entry Points: Every connected sensor, machine, and device represents a potential entry point for attackers. These devices often have weaker security protocols compared to traditional IT systems, making them easier targets.

Complex Networks: With a multitude of interconnected devices, manufacturing networks become intricate, making it challenging to monitor and identify vulnerabilities.

Limited Security Features: Many IoT devices prioritise functionality over robust security features. They might lack regular software updates or have weak encryption, leaving them exposed to exploits.

Data Deluge: IoT devices generate massive amounts of data, creating challenges in data security and privacy. Sensitive manufacturing data, including product designs and production schedules, could be intercepted or compromised if not properly secured.

31 per cent of all breaches over the past 10 years have involved the use of stolen credentials. How can manufacturing look at safeguarding their crucial credentials?

Given that 31 per cent of all breaches over the past 10 years have involved stolen credentials, it is crucial for the manufacturing sector to safeguard them. Manufacturers should implement robust access controls like multifactor authentication, conduct regular employee training on security best practices to combat social engineering and phishing attacks, and secure IoT devices and industrial control systems to prevent unauthorised access. Additionally, manufacturers should conduct regular security assessments of web applications and segment networks to limit breach damage. Regularly updating and patching systems can also mitigate vulnerabilities that could be exploited.

What frameworks or standards do you recommend for managing cybersecurity risks in manufacturing?

In the manufacturing industry, where cybersecurity risks are prevalent, it is essential to adopt comprehensive frameworks and standards to protect against potential threats. Implementing a Zero Trust Framework to cover the key seven pillars (identities, endpoints, applications, networks, data, automation & orchestration, continuous monitoring & visibility) is crucial for protecting identities, authentication and authorisation.

ICS/OT are physically air-gapped networks and systems. But manufacturers have expanded the connectivity, exposing OT devices to cyber criminals. To better manage the OT components, organisations have opened connectivity between their internal IT network and ICS systems, further exposing the OT infrastructure to compromise through IT systems and then lateral movement to OT.

Implementation of Zero Trust establishes a protective framework, helps to reduce the attack surface and complexities, and provides adequate protection of identities, authentication and authorisation. Leveraging a Zero Trust framework helps organisations better manage remote access, offers a viable and secure option to replace VPN and aids in micro-segmentation and hiding the infrastructure components from attackers.

What emerging technologies or trends do you see as game-changers for cybersecurity in the manufacturing industry?

The manufacturing industry is undergoing a major transformation with smart factories that rely heavily on interconnected systems. This creates a larger attack surface for cybercriminals. Here are some emerging technologies that are poised to be game changers for cybersecurity in manufacturing:

Artificial Intelligence (AI) and Machine Learning (ML): These technologies can analyse massive amounts of data from sensors and machines to identify unusual patterns that might indicate a cyberattack. AI and ML can also automate security tasks, freeing up human experts to focus on more strategic initiatives.

Zero Trust Architecture: The Zero Trust model is a security concept centered on the belief that organisations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access. This can be particularly effective in a manufacturing environment with a complex network of interconnected devices.

Regularly Update and Patch Systems: Regularly updating and patching systems is essential for addressing vulnerabilities and protecting against known exploits. Manufacturers should establish a systematic process for identifying, testing, and deploying updates across their IT and OT networks.

Blockchain: This technology can be used to create a secure and tamper-proof record of transactions and data. This can be helpful for tracking the provenance of materials and products, which can help to prevent counterfeiting and fraud.

What do you see as the biggest cybersecurity challenges for the manufacturing sector in the next five years?

The manufacturing sector faces a rapidly evolving landscape of cybersecurity challenges, driven by technological advancements and increasingly sophisticated cyber threats. Over the next five years, manufacturers must navigate these complexities to safeguard their operations, data, and intellectual property.

Evolving Attack Landscape: The rise of Internet of Things (IoT) devices and increasing automation will create a vast network of interconnected systems, expanding potential entry points for attackers. These devices may have weaker security measures, making them vulnerable to exploitation.

Legacy Systems: Many manufacturers still rely on legacy equipment and operational technology (OT) that wasn't designed with cybersecurity in mind. Upgrading these systems can be expensive and disruptive.

Skilled Workforce Shortage: The manufacturing sector faces a shortage of cybersecurity professionals with the expertise to secure these increasingly complex industrial environments. This makes it harder to implement and maintain robust security measures.

Convergence of IT and OT systems: The blurring of boundaries between IT and OT systems has increased the attack surface. Securing the integration of IT and OT is a significant challenge, as OT systems were not designed with security in mind.

Human factor: New technologies require new skills. Factory personnel need cybersecurity awareness training to understand the risks of handling novel data and systems. Without this knowledge, they can become a weak link in the security chain, susceptible to social engineering attacks or data breaches.