Understanding cybersecurity is no longer a concern reserved for IT: manufacturers face increasing financial and operational risks from cybersecurity attacks. On average, manufacturing companies lose $1.9 million per day to downtime and have to deal with an average of 11.6 days of downtime due to cybersecurity attacks.
Joe Hopper of Fracture Labs, a group offering offensive cybersecurity solutions, spoke at the recently held AEM Product Safety & Stewardship Conference on how manufacturing companies can combat these costly attacks.
“On top of that pain, now threat actors are demanding ransom, and holding your company and your data at ransom until you pay them. On average, almost $11 million was the ransom ask in 2024,” said Hopper.
An Ever-Present Risk
Cybersecurity risks are not going away – in fact, the issue is only getting worse. Manufacturing is now the most targeted industry for cyberattacks, specifically ransomware. Last year, 65% of manufacturing companies fell victim to ransomware attacks, and roughly 80% of those companies have critical vulnerabilities.
The industry is currently seeing two primary types of attacks:
- Ransomware and extortion
- Attacks aiming to inflict physical damage
Many companies are getting better at backing up their systems so they can get back online quickly without paying a ransom. In response, according to Hopper, threat actors are now turning to extortion and threatening to release company data publicly. Not only does this pose a threat to proprietary information, but it also exposes information to other threat actors who may be able to find holes in the system that they can exploit.
Typical Attack Chains
Initial access: Examples include an employee clicking on a phishing email, finding a USB drive in the parking lot, or answering a fraudulent phone call from tech support. Unpatched systems are a huge problem in the industry, as many companies don’t keep their systems up to date. Social engineering is a growing threat as well – phishing emails or SMS messages can be extremely convincing at times. Weak passwords are another critical issue, with many users reusing passwords from platform to platform.
Elevating privileges: Threat actors don’t need to know where they will land in a company’s system or go after a high-level account user. They want to get in where they can, and then they elevate the level of their privilege from the inside. From there, they’ll start going into various areas of an organization to find important data, to figure out what they can extort, and what will cause company pain. They also want to hide out – organizations are getting much more secure, and threat actors must avoid detection.
There are several ways to gain access to company information and conceal access privileges. Without taking an active role in mitigating risk, organizations can quickly find themselves in a precarious situation.
“Integrating continual threat modeling into your processes can make a huge difference – thinking of what could go wrong and understanding that everyone plays a role in cybersecurity can help close off some of these entry points and lateral movements that threat actors are exploiting,” explained Hopper.
How To Combat Cybersecurity Risk
Incorporating security measures from the start is one effective way to combat cybersecurity attacks. Embed security in the product development lifecycle, including:
- Interactions with third-party providers and systems
- Patch regularly – even critical and legacy systems
- Segment IT and OT networks to reduce the overall risk and protect critical systems
- Enforce strong password policies and use credential vaulting tools
- Deploy simple, effective multi-factor authentication (MFA) for all high-impact systems
Educating users on secure computing and creating complex passwords is another way to combat risk, creating a shared culture of digital safety. Delivering role-based education and awareness, from engineering and operations to leadership, also goes a long way.
“This truly is a business problem, not an IT problem,” said Hopper. “IT needs to be there as a helpful partner, working alongside us to enable security, but users should also be thoroughly educated to make better decisions in their day-to-day lives.”
Recognizing the risks surrounding cybersecurity and taking an active role in preventing attacks can be the difference between operating as normal and being ransomed for millions of dollars. Manufacturers need to be acutely aware of the risks that cybersecurity attacks pose and create a solid plan to maintain safe operations.
About AEM’s Product Safety & Stewardship Conference
The Product Safety & Stewardship Conference is setting the stage as the industry's only conference designed to provide attendees with first-class access to the latest insight on product liability, safety design standards, regulatory requirements, and potential risks to avoid.