March 16, 2023 By Josh Nadeau 4 min read

It seems like yesterday that industries were fumbling to understand the threats posed by post-pandemic economic and technological changes. While every disruption provides opportunities for positive change, it’s hard to ignore the impact that global supply chains, rising labor costs, digital currency and environmental regulations have had on commerce worldwide.

Many sectors are starting to see the light at the end of the tunnel. But 2022 has shown us that manufacturing still faces some dark clouds ahead when combatting persistent cybersecurity issues.

Security threats plagued manufacturers in 2022

In the last three years, most people have become all too familiar with the importance of supply chain resilience. Even a seemingly isolated incident can create a devastating global ripple effect, impacting everything from economic growth to political stability.

At the top of these global supply chains are suppliers and manufacturers that support everyone from the general population to government entities. As a result, their roles have become increasingly important across multiple industries. This makes their ability to operate securely and efficiently more important than ever.

But due to the complexity and necessity of their operations, manufacturers became a top target for malicious actors in 2022. Below, we’ll recap some of the most pressing cybersecurity threats we’ve seen in the manufacturing sector this year.

Nation-state attacks

Thanks to the world’s reliance on international supply chains, hostile nation-state actors are now targeting manufacturers. These sophisticated threats leverage advanced malware and exploit underlying vulnerabilities in IT systems, often to obtain confidential information or disrupt operations. For example, in 2022, a new ICS-focused threat group named Chernovite surfaced using a next-gen ICS hacking platform called PIPEDREAM, designed to target technologies supported by different third-party vendors.

Regarding nation-state attacks, the most significant risk is not just that of reputational damage. There’s also the danger of indirectly contributing to hostile activities from competing governments, including economic disruption and political unrest. In response, manufacturers are taking several steps to defend against nation-state attacks. One critical approach is to invest in more robust cybersecurity measures, such as firewalls, intrusion detection systems and encryption technologies. In addition, many manufacturers are working closely with government agencies and security experts to identify and mitigate potential system vulnerabilities.

Ransomware

IBM Security’s 2023 X-Force Threat Intelligence Index observed that the manufacturing sector was afflicted by the most ransomware cyberattacks and became one of the most extorted industries in 2022. The manufacturing industry is an attractive target for malicious actors because of their extensive intellectual property and sensitive financial information that can be compromised.

Moreover, disruption to operations caused by ransomware could tremendously impact the sector’s ability to deliver supplies and services. This makes leading manufacturers more willing to pay ransom demands, even though security experts strongly discourage this practice.

Many manufacturers have taken steps to shore up their defenses against ransomware attacks in response to these threats. This includes regularly patching systems, developing secure backups and disaster recovery plans, investing in robust cybersecurity solutions and educating personnel on best practices for cyber hygiene.

Read the Threat Index

Intellectual property theft

Intellectual property theft is another primary security concern in the manufacturing sector. It involves malicious actors stealing information such as product designs, source code, formulas, customer data and other sensitive materials. In 2021, threat actors in countries including China, Russia, Iran and North Korea were all involved in using IP theft to steal information regarding COVID-19 vaccine formulas.

Protecting IP requires a multi-faceted approach. This includes monitoring potential malicious activity, ensuring only authorized personnel can access sensitive information and investing in strong cybersecurity solutions. Zero trust architecture has become particularly popular for manufacturing companies looking to protect their intellectual property, as it combines authentication and encryption technologies to securely limit access and data flow.

Equipment sabotage

With businesses relying on automation and intelligent systems, the manufacturing sector is increasingly at risk of sabotage from malicious actors. These attacks involve deliberately tampering with or damaging equipment to disrupt operations.

Equipment sabotage has become an increasingly pressing concern with the war still waging between Russia and Ukraine and the further escalation of military tensions between China and India. Factories, supply chains and other production lines are vulnerable to equipment sabotage from competing nations and their supporters. As a result, there is a new focus on industrial control system (ICS) security to protect factories from these attacks. ICS security involves:

  • Deploying firewalls
  • Employing secure communications
  • Investing in privileged access management solutions
  • Regularly monitoring for suspicious activity.

Mandated actions for manufacturing companies moving forward

Local and federal governments have already begun to take action to protect the manufacturing sector from recent cyberattack trends. Below are some of the critical steps that governments have taken to secure the manufacturing industry:

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) was implemented to protect European citizens’ personal data and provide regulations that companies must follow to remain compliant. However, the GDPR also applies to any company that collects and processes data from European citizens, regardless of their country of operation. Therefore, manufacturing companies must be aware of their obligations under the GDPR or risk facing hefty fines.

CMMC compliance

The Cybersecurity Maturity Model Certification (CMMC) is a certification put into place by the U.S. Department of Defense to ensure organizations are equipped with the necessary security measures to protect Federal Contract Information (FCI) from malicious actors. It has become an essential requirement for any company or organization that wants to work with the government, as non-compliance may lead them to miss lucrative business opportunities and invaluable contracts.

Industrial Control System (ICS) security assessment frameworks

An Industrial Control System (ICS) security assessment framework comprehensively safeguards industrial control systems. It helps organizations identify and prioritize security risks, develop strategies for addressing them and deploy the necessary measures to protect their equipment from sabotage threats. With its holistic view of an organization’s ICS security posture, an assessment framework is invaluable in keeping operations safe and secure.

Moving forward for manufacturers

As the manufacturing sector faces greater risks from cyberattacks, companies are ramping up their security investments. The introduction of CISO roles in businesses is starting to drive this change as manufacturers realize how essential these positions are for mitigating cybersecurity threats. These developments demonstrate that manufacturers have shifted from a historically low focus on cybersecurity to making it a priority. This will help ensure continual protection against ever-evolving risks.

Despite potential difficulties in the coming years, manufacturers can stay one step ahead of looming threats by staying on top of their cybersecurity game. This includes investing in protections and remaining vigilant to comply with any new regulations or standards put into effect globally. Planning for these upheavals will be key to successfully navigating uncertain times and safeguarding operations and data from harm.

More from Intelligence & Analytics

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today