About Cybersecurity for Manufacturing
Cybersecurity in manufacturing involves a range of technology solutions, human expertise, threat intelligence, and best practices tailored to the manufacturing industry. This sector is particularly vulnerable to intellectual property (IP) breaches and operational and supply chain data.
How Does Cybersecurity for Manufacturing Compare with Other Industries?
Manufacturing faces vulnerabilities similar to those of other industries, i.e., risk of confidential internal data, customer data risks, and IP.
However, because fewer people are directly involved in manufacturing processes, the focus is more on protecting critical operational data, supply chain data, and corporate IP, which are highly susceptible to espionage, especially in a business-to-business (B2B) setting.
Enhanced by just-in-time delivery systems that track and trace necessary materials, the manufacturing supply chain presents significant risks.
Any failure in these systems can cause major disruptions, leading to delays in production and delivery.
What Are the Main Cybersecurity Risks in Manufacturing?
Manufacturing has seen significant technological advancements in the last decade, especially in AI, big data, and the Internet of Things (IoT).
These developments, alongside increased automation, global communication networks, and innovations in 3D printing, have ushered in the era of the intelligent factory. However, this heavy reliance on technology makes manufacturing an attractive target for cybercriminals.
Attackers often target manufacturers’ automated systems, aiming not to shut down entire production lines but to disrupt small parts of the process.
Such interference may not completely stop manufacturing but can reduce efficiency, delays, and faulty products. Often, these breaches go undetected for long periods before the manufacturers become aware of them.
What Are the Latest Ransomware Trends in Manufacturing?
Nearly two-thirds (65%) of manufacturing and production companies reported being hit by ransomware in the past year. This was a noticeable increase from 2023 (56%) and 2022 (55%) and represents a 19-point rise since 2020 (46%).
Almost all affected manufacturing organizations (99%) could identify the root cause of the ransomware attacks.
Malicious emails were the leading cause, accounting for 29% of the attacks, followed by exploited vulnerabilities, responsible for 27% of the cases. This is a shift from 2023 when compromised credentials were the most common method to launch ransomware attacks.
How Much Does Cybercrime in Manufacturing Cost Companies?
Research shows that 55% of manufacturers faced cyberattacks in 2021, which is lower than the average across all sectors (66%).
However, the average ransom paid by manufacturers, which stands at £1.6 million, is much higher than the cross-industry average of £650,000.
These figures don’t include the potential losses in earnings and damage to reputation that ransomware attacks can cause.
While manufacturers may be targeted less frequently, the financial impact of each attack is generally much more significant.
For example, in June 2024, CDK Global, a U.S. auto and equipment dealer’s primary software provider, reportedly paid a £19.5 million ransom in cryptocurrency after a cyberattack temporarily halted sales processing nationwide.
This attack exposed vulnerabilities in critical supply chains and highlighted the ongoing threat of ransomware to manufacturing operations.
Not all cybercriminals are motivated by financial gain; some have ideological goals, which can cause significant damage, such as driving up prices, without the option of ransom payments.
An example is the Predatory Sparrow group, which targeted Iran’s Khouzestan Steel Company, bringing its operations to a halt. Such attacks are felt globally, impacting supply chains and increasing prices worldwide.
What Are Cybersecurity Measures for Manufacturing?
The numerous attacks on manufacturers worldwide highlight the urgent need for improved cybersecurity measures.
Investing in advanced infrastructure, cybersecurity technologies, and expertise—in-house or through third parties—is crucial for manufacturers to reduce the high costs and impacts of cyber threats.
Cybercriminals are becoming increasingly sophisticated, often possessing resources and tools that surpass traditional defensive technologies.
These attackers frequently use legitimate IT tools, exploit stolen credentials, and take advantage of unpatched vulnerabilities to bypass cybersecurity defenses.
By mimicking authorized users and exploiting weaknesses within organizations, they often avoid detection by automated systems.
Technology solutions alone are not enough to prevent every cyberattack.
The most effective way to detect and neutralize ongoing cyber threats involves constant monitoring—”24×7 eyes on glass”—by skilled professionals.
These experts use a range of security alerts and real-time threat intelligence to identify and stop threats before they cause significant harm. However, the complexity of modern operating environments and the rapid pace of evolving cyber threats make this approach challenging for many manufacturing organizations.
Specific manufacturing equipment, such as IoT sensors and devices, often lacks strong protection because they need the memory or processing power to support full-featured endpoint security software.
Additionally, whenever a manufacturing device connects to a network, there is a risk of interception or infiltration.
