The manufacturing industry was the most attacked industry in 2021, surpassing financial services, according to billions of data points analyzed by
Ransomware, the top attack type, accounted for nearly a quarter of the attacks on manufacturing companies.
In the past, cyberattackers focused their attention on the financial, healthcare, retail, and energy industries, allowing many in manufacturing to sail by on the belief that threat actors were not interested in them.
Several factors have combined in recent years, however, to make manufacturing the preferred prey.
Increased utilization of internet-connected operations and industrial control systems, the Industrial Internet of Things, increased security and regulation within other heavily targeted industries, an expanded remote workforce, and other workforce vulnerabilities all act like chum in the ocean to attract predators.
In the past, the sharks may not have shown much interest in manufacturers, but now, “You’re gonna need a bigger boat.”
Phishing attacks, while targeted at various industries, have been increasing year-over-year in the manufacturing industry, which is now a top target for phishing attacks each year.
A phishing attack tricks the target into opening a malicious email attachment or website by spoofing the identity of the sender.
The attachments and websites deliver trojans or other malware that, once downloaded, scan systems for vulnerabilities to exploit and/or data to collect, either to be held for ransom or sold on the dark web by the threat actor.
The manufacturing industry is particularly vulnerable to phishing attacks because of legacy equipment, which is fairly easy for attackers to exploit; fragmented security infrastructures attributable to location-based variations in the hardware and software technologies being utilized; and large workforces with varying levels of information technology expertise and training.
In addition to ransomware and phishing attacks, manufacturers are also frequently targeted for intellectual property theft, IIoT attacks, and supply chain attacks, in which the actor uses viruses or malware to infiltrate an organization through a third-party vendor or supplier in order to disrupt the manufacturer’s operations and ripple delays through the entire supply chain.
Analysts predict global cybercrime costs to reach
If your organization has purchased or renewed a cyber insurance policy, you likely felt the impact in your increased premiums and more rigorous underwriting process.
Cyber insurers raised premiums by a staggering 92% in 2021 according to information submitted to the
Those premiums increased by 34.3% in the fourth quarter of 2021 alone.
In tandem with the costs of responding to cyberattacks, the notification requirements to individuals and regulators have also been increasing in recent years. States, for example, have modified their breach notification statutes to increase the scope of affected data that must be reported and to shorten the timeframe for doing so.
Most recently, and specific to manufacturers, in
While the law does not identify which critical infrastructure sectors will be covered by the reporting obligations, CISA’s future rule-making may look to the 16 critical infrastructure sectors it has identified as vital to the
In the face of these increasing threats and compliance obligations within the industry, manufacturers must act now and make investments to defend and maintain production; to protect intellectual property, confidential information, and customer data; to avoid financial losses; and to safeguard against physical damage to machinery and other critical systems.
A comprehensive cybersecurity plan is imperative, including the following (among other items):
Consider engaging professional cybersecurity experts and qualified counsel early in the development of a cybersecurity plan, and especially upon the occurrence of a cybersecurity incident.
Most importantly, practice your response plan. No coach would expect a team to execute plays effectively simply by reading the diagrams in a playbook.
The best designed response plan will likely fail in several areas amidst the chaos of a cyberattack if your team has never simulated it, posing significant operational and compliance risks.
This alert first appeared on CBIA’s website and is published here with permission.