Top 5 Cyber Security Threats Facing Manufacturing in 2024

Posted on February 8, 2024 by Will Hayes-Newington

Share

In 2024, the global manufacturing industry is projected to reach $18 trillion in value as countries continue to invest in industrialisation. Key manufacturing countries like China, the United States, Japan, and Germany will account for over half of global manufacturing output. 

 

The manufacturing industry is undergoing major digital transformation, with investments in smart technology expected to reach $100 billion annually in 2024. Some key digital trends include AI and machine learning, augmented and virtual reality, big data analytics, cloud computing, simulation, and the Internet of Things. These technologies enable increased automation, connectivity, and efficiency across the industry. Over 75% of manufacturers are projected to operate smart factories by the end 2024.

 

Many legacy systems and equipment in factories were designed without security in mind. As these get connected to the internet, they become vulnerable access points. There is often a lack of basic security measures like encryption, authentication, and access controls on industrial control systems and IoT devices

 

Manufacturers are also increasingly reliant on third-party suppliers and partners across their supply chain. While this can improve efficiency, it also expands the potential attack surface. If any supplier has weak security practices, it could compromise the entire supply chain. Recent attacks like SolarWinds highlight the massive risk of supply chain compromises.

 

Overall, the growth of new technologies coupled with legacy systems and complex supply chains is creating an environment ripe for cyber attacks in the manufacturing industry. Companies need to prioritise cyber security, or they risk serious operational, financial and repetitional damages. The 5 key areas that we have identified as critical for those operating within or around the mechanical manufacturing industry are:

 

Supply Chain Attacks
Ransomware Attacks
Insider Threats
Phishing and Social Engineering
IoT Vulnerabilities

 

 

 

Supply Chain Attacks

Supply chain attacks on manufacturing companies have been increasingly common in recent years. In 2022, there were several high-profile supply chain attacks that impacted major manufacturers. For example, in March 2022, Toyota suffered a cyberattack through a third-party supplier that led to a production halt at multiple plants.

 

These types of attacks target vulnerabilities in third-party software dependencies used by manufacturers. Attackers compromise the third-party supplier and use that to gain access to the manufacturing company’s systems and data. Common vulnerabilities exploited include unpatched software bugs, misconfigured cloud storage buckets, weak authentication systems, and more.

 

To secure the supply chain, manufacturing companies need to have greater visibility into third-party risks. Strategies include:

  • Conducting thorough due diligence on suppliers’ security practices
  • Requiring suppliers to meet minimum security standards
  • Monitoring third-party systems for vulnerabilities and signs of compromise 
  • Enforcing Multi-Factor Authentication across the supply chain
  • Implementing robust access controls for third-party access
  • Keeping software dependencies up-to-date with the latest patches

 

Taking a proactive approach to securing the supply chain can help manufacturers detect and mitigate attacks before they result in major disruptions.

 

 

 

Ransomware 

Ransomware continues to be one of the biggest cyber security threats facing manufacturers in 2024. Manufacturing companies have proven to be lucrative targets for ransomware gangs, with attacks bringing production to a standstill and costing millions in recovery efforts. According to a 2023 report by Security Magazine, manufacturing was the top industry affected by ransomware, with an 83% increase in victims compared to the previous year. The disruptions caused by ransomware can be catastrophic for manufacturers that rely on just-in-time production schedules and timely deliveries. 

 

Downtime caused by ransomware can quickly spiral out of control in manufacturing environments. Machinery sitting idle for days or weeks can lead to missed production targets, delayed orders, and loss of revenue. The 2021 attack on compressor supplier AirTAC is estimated to have cost the company $200 million as a result of the shutdown. With the average ransomware attack lasting over 3 weeks, manufacturers simply cannot afford such prolonged disruptions in 2024.

 

To guard against ransomware in 2024, manufacturing firms need layered defences combining technology, processes, and staff training. Multi-factor authentication, offline backups, network segmentation, and patch management are vital. Firms should have an incident response plan ready in case ransomware strikes. Staying vigilant and keeping software updated is key, as most attacks exploit known vulnerabilities. With threats rising, manufacturers must make ransomware defence a top priority or risk facing the same crippling outages as victims in 2023.

 

 

 

Insider Threats 

Insider threats are a serious cyber security risk facing the manufacturing industry in 2024. As defined by CISA, insider threats manifest in various ways including violence, espionage, sabotage, theft, and cyber acts. While some insider threats are tied to malicious or criminal intent, the majority stem from careless or negligent employees.

 

Manufacturers often have sensitive intellectual property and proprietary data that disgruntled employees may attempt to steal or sabotage before leaving the company. According to one report, unintentional insider threats are the primary cause of manufacturing security incidents, outweighing external cyber attacks . 

 

Some examples of insider threats in manufacturing include:

  • Theft of intellectual property or proprietary data to sell to competitors. This could involve stealing design files, chemical formulas, or manufacturing processes that give the organisation a competitive advantage.
  • Sabotage of equipment or manufacturing lines by disgruntled employees trying to harm the organisation. This could lead to costly downtime and repairs.
  • Breaches of sensitive customer data, such as designs or specifications, that was shared with the manufacturer under NDA.
  • Attacks on connected OT systems that control assembly lines, robotics, or critical manufacturing equipment. Malicious insiders may try to disrupt operations. 
  • Credential theft where insiders steal passwords and access credentials from coworkers to gain unauthorised access to systems.

 

To mitigate insider threats, manufacturers should implement policies and technologies focused on data theft prevention and access controls. Monitoring employee behaviours through user activity monitoring and privileged access management can detect suspicious access to confidential data. Comprehensive employee training is also key to reducing unintentional insider threats that arise from negligence and errors. With strong prevention and detection controls in place, manufacturers can reduce the risks posed by malicious or careless insiders.

 

 

 

Phishing & Social Engineering

The manufacturing industry is at high risk for phishing and social engineering attacks due to the large number of employees in roles ranging from executives to factory workers. Many manufacturing employees do not have strong cyber security awareness, making them vulnerable targets for phishing emails or social engineering tactics. These types of attacks often aim to trick users into clicking malicious links or divulging sensitive information. 

 

One of the most effective solutions is comprehensive security awareness training for all employees. Manufacturers should implement robust training programs to educate staff on recognizing phishing attempts, safe internet usage, password policies, and other best practices. Training helps empower employees to be the first line of defence. Ongoing simulated phishing tests can also identify areas for improvement. With proper training and vigilant security culture, manufacturers can drastically reduce risk of phishing and social engineering attacks that could cripple operations.

 

 

 

IoT Vulnerabilities 

The growth of IoT devices in manufacturing plants has expanded the threat landscape. Many legacy industrial systems were designed without security in mind and have since been connected to the internet. These insecure devices can be easily exploited by attackers. According to Palo Alto Networks, “The average plant has around 10,000 IoT devices connected to the network. These devices collect sensor data that informs operations, maintenance, and more” [1]. With more entry points into OT networks, the opportunities for attackers increase. 

 

In the last few years, major manufacturers have fallen victim to ransomware and other attacks that compromised vulnerable IoT devices. For example, Honda was forced to halt production at a plant in Japan in 2020 after the eKANS ransomware infected critical IoT systems through a third-party VPN server [2]. Manufacturers must have greater visibility into all connected assets, routinely check for misconfigurations, and enforce the principle of least privilege to minimise IoT cyber risks.

 

 

 

Conclusion

Manufacturing companies must take cybersecurity seriously by implementing modern defences. Steps like training employees, securing supply chains, auditing IoT devices, monitoring for threats, and having an incident response plan are essential. With proactive effort and vigilance, manufacturers can help secure themselves against these rising threats in 2024. The time to act is now before an attack causes irreparable damage. Companies that embrace cybersecurity will gain a competitive advantage. Those that ignore it do so at their own peril. Protect your business and prepare for threats. The future will reward manufacturing companies who invest in robust cybersecurity today.

 

 

Protect your company with Arx Alliance

The Arx platform is unique. Our approach is collaborative rather than prescriptive. We give you the tools and the framework to create robust, secure supply chains in a way that is effective, and cuts through the noise and jargon of a complex industry.

Over time, through a guided step-by-step process, we can help you identify and mitigate risks inside your own organisation, and collaborate with your suppliers to create robust, secure supply chain relationships.

Arx provides your company and suppliers with a suite of security tools:

  • Visibility of the organisation’s attack surfaces
  • Efficient control of cyber policies and standards
  • Central place for managing standards and controls
  • Continuous monitoring of all touch points
  • Situational awareness for all tiers of supply chain
  • Risk scored suppliers to highlight weak links