By Lauren Middleton, content writer and web designer, River Valley Digital
Industry 4.0 has significantly transformed the manufacturing industry. Manufacturing companies that integrate Industry 4.0 or “Smart Factory” experience better efficiency, improved data insights, better quality control, reduced labor and reductions in cost. However, the associated interconnectedness comes with a cost.
Smart Factory environments have experienced a significant increase in cyberattacks. According to Statista, manufacturing accounted for 23% of cyberattacks in 2021 alone. In fact, manufacturing knocked down the financial services industry from being the most attacked industry by ransomware in 2021. The average loss from a major cyber breach was $1.7 million.
Additional costs also arise related to customer service disruptions, productivity losses and compliance fines. Surprisingly, despite the existential risk to the business, many manufacturers still believe that “this will never happen to my company.” Recovery from a cyber-crime event may not be possible, so what are some of the solutions to the problem? A proven solution is cooperation with a managed service provider.
A managed service provider (MSP) is a third-party company that in cooperation with a company’s internal IT staff remotely co-manages all facets of the corporate information technology infrastructure, OT and IT, including data networks of all devices, office and plant. These services include 24/7 systems management, monitoring and comprehensive security.
Cyberattack risks
The biggest cyber threats to manufacturers originate from ransomware via phishing attacks or other security impairments. Such attacks are malicious and can cause loss of revenue, business downtime and money extortion. Ransomware is the most common type of malware. It allows a hacker to access and cripple computer systems, and keeps systems inoperable and data inaccessible until the affected company pays a ransom.
Chris Scallan, converting superintendent at Delmarva Corrugated Packaging (Dover, Delaware) said cyberattacks are a significant concern in its Delaware facility, and the company has partnered with an IT-managed services provider. “It is a very large concern to make sure attacks do not happen and that the provider makes sure it does not happen,” he said. “And knock-on-wood, since being at the new manufacturing facility in Delaware, there have been no issues.”
The main reasons manufacturers are targeted for cyberattacks frequently are related to their high-value data and significant revenue basis. Hackers know that they have great leverage because the attack can cause extensive damage and the manufacturer has the revenue to pay for the ransom.
Phishing
Phishing often is the means of the cyberattack: The attacker disguises themselves as a legitimate source to convince the target. In most cases, a malware or ransomware attack needs the victim to click a link or download an email attachment. So, attackers often embed malware or ransomware code into a phishing email. An unsuspecting, unfamiliar and not sufficiently trained workforce is the most common reason manufacturing facilities fall victim to phishing attacks.
Roughly 26% of manufacturers report that employee errors and omissions are one of the biggest cyber threats faced. Common threats that stem from employee error are falling for phishing attacks, incorrect use of company data on mobile devices, direct abuse of IT systems and machine errors. Manufacturers need to create organization-wide cybersecurity policies and protocols. Managed services providers are ideally positioned to provide guidance in creating these security systems, helping to implement and monitor them.
Remote work
The increase of a remote workforce has led to a significant rise of cybercrime incidences in the manufacturing sector. The main threat to OT systems (plant operational technology) occurred through employees who have had direct access to OT networks while working remotely. The need for remote direct online access to production automation equipment increased suddenly with the arrival of the pandemic.
Not only employees have required this access, but vendors of automation machinery also needed to remote in as travel was restricted or outright not possible. Digital transformation on the factory floor has allowed once isolated operational technology networks to be connected with the rest of the devices of the company’s IT infrastructure. Scallan explained the advantages of having interconnected machines: “Any time there’s an issue with one of the machines, an employee is able to call the vendor and the vendor can dial into the machine and troubleshoot directly with the employee and that makes it a lot easier than trying to speak over the phone.” Yet this infrastructure requires a whole new network and security configurations with around-the-clock monitoring as threats can surface indiscriminately at any time.
ERP systems
Environmental resource planning systems (ERP systems) are one of the top targets for cyberattacks. ERP systems contain company financial data and other sensitive information that is valuable to hackers. When this data becomes compromised, the factory’s critical infrastructure is in danger of shutting down. It is crucial for manufacturers to have cybersecurity measures in place for all ERP systems.
“The company has two ERP systems, two of them working in conjunction. One is further along than the other – it is a special system for the industry – and it is cloud-based,” explained Scallan. “Nothing is local here in Delaware. Instead, the provider takes care of it offsite. If anything happens within the building, the cloud-based disaster recovery kicks in, and the system can be run from anywhere.”
Mergers and acquisitions
Manufacturing experienced a revival after the pandemic slowed down and with it came several mergers and acquisitions. With more mergers and acquisitions occurring, comes the need for M&A cybersecurity strategy and due diligence. Cybersecurity due diligence is especially important in the context of M&A because all parties involved in it must have strong security protocols in place.
Following an acquisition, plant machinery will likely become interconnected at different plant sites. Before an acquisition takes place M&A due diligence assessments should include all its network systems and digital assets. Overlooking and underestimating cyber risks leaves a facility open to potential cyber incidents. There were cases where these risks had gone unnoticed for several years after the merger and acquisition had been completed. These incidents are reported to have cost organizations millions of dollars.
Cyber due diligence
Cyber due diligence involves the following:
- Leadership support for cybersecurity due diligence;
- data mapping;
- quick assessment of cybersecurity practices; and
- a risk scoring tool that identifies and prioritizes risks.
By understanding all of the sources of data in an organization, how the data is collected and where the risks of unauthorized access may be, an organization has taken the first step in understanding how to protect itself from cyberattacks.
Organizational leadership must not rely on an IT individual or small team who may be preoccupied with ensuring daily operational technology works properly. Instead, identify the risk, prioritize the needs of the organization and then develop a plan to address those needs… before ransomware halts activity on the production floor.
Tekscape, Inc. is an industry leader in advanced and tailored IT technology solutions. Its mission is to provide a result-driven and business-minded approach to technology services with ease and agility. Tekscape specializes in designing, implementing and managing solutions to help companies in their digital transformation path, enabling effective infrastructure solutions, workforce productivity and implementing a comprehensive cybersecurity strategy.
Lauren Middleton’s firm, River Valley Digital, specializes in working with managed service providers and manufacturers all over the United States. For more information, visit www.tekscape.com/manufacturing.