Cybersecurity for the Manufacturing Industry
ACID Technologies helps manufacturing companies protect themselves by detecting the first signs of an impending cyberattack – as early as in its planning stage, and providing real-time, detailed alerts that enable the targeted manufacturers to implement effective preventive measures
Industry 4.0 and digital manufacturing are making cybersecurity for the manufacturing industry more essential than ever before
The manufacturing sector is a driving force of the economy on both local and national levels. It is therefore imperative, individually and collectively, for manufacturers to maintain business continuity and keep their systems, intellectual property and other sensitive information secure.
But now more than ever before, manufacturing companies are required to effectively cope with increased cyber threats, particularly those associated with Industry 4.0 – the integration of new technologies into production facilities and operations, including Internet of Things (IoT), cloud computing, analytics, AI and machine learning.
While these latest technological developments benefit manufacturers by optimizing control systems and increasing interoperability, they also present new risks, as cyber criminals are quick to identify vulnerabilities and eager to exploit them. These criminals are well aware that ransomware attacks in particular can be highly lucrative, as manufacturers cannot afford to have their operation shut down, possibly for several days and even longer, and their sensitive information – intellectual property, trade secrets, marketing plans, customer lists, etc. – offered for sale to their competitors.
The growing threat of cyberattacks highlights the urgent need for effective cybersecurity for manufacturing companies
IBM’s X-Force Threat Intelligence Index 2022 (covering 2021) reveals that for the first time in five years, the manufacturing industry suffered more cyberattacks that the finance and insurance sector. Ransomware attackers were quick to capitalize on operational stressors exacerbated by the Covid-19 pandemic, thus increasing global supply chain challenges. The report further states that the cyber criminals wagered on the ripple effect that disruption on manufacturing organizations would cause their downstream supply chains to pressure them into paying the ransom.
In general, there has been a 33% percent increase in manufacturing cyberattacks from 2021 to 2022, with 51% percent of manufacturing companies experiencing cyberattacks on their cloud infrastructure (Expert Computer Solutions).
Research conducted by “Make UK” – The Manufacturers’ Organization together with BlackBerry, and summarized in Make UK’s Cybersecurity in UK Manufacturing report for 2022, indicates that 42% of British manufacturers sustained cyberattacks in the preceding 12 months, and that 26% reported “substantial financial loss” ranging from £50,000 to £250,000 (US$ 62,000 to US$ 310,000). Of these, 65% reported work shutdowns, and 43% admitted to damage to their reputation, which affects their business not only in the present, but also in the long term.
37% of the manufacturers stated that cybersecurity concerns led them to avoid introducing new connected technologies, despite recognizing their benefit in increasing productivity.
According to IBM’s X-Force Threat Intelligence Index 2022, an alarming 47% of attacks on manufacturing companies resulted from vulnerabilities that the targeted manufacturers were unable to patch or had had not yet done so.
42% of UK manfacturers suffered cyberattacks, 26% of these resulted in financial losses of up to £250,000
(Make UK report)
37% of UK manufacturers avoided introducing productivity enhancing connected technologies due to cybersecurity concerns
(Make UK report)
Threats that cybersecurity for the manufacturing industry must effectively address
To thrive, businesses must protect themselves from malicious cyber activity, including, among others:
Supply Chain Attacks
In these attacks, a manufacturer with its own effective security system can still be at risk through contacts with a poorly secured trusted vendor or partner. For example, supply chain attacks can take place through malware installed on connected devices, or third-party software updates. Such attacks can result in the theft of sensitive information, disrupt manufacturing, reveal information about investors and clients, and more.
Theft of intellectual propert
The theft of trade secrets, products under development, etc., particularly if these are to end up in competitors’ hands, can be nothing short of disastrous to manufacturers.
A favored type of attack among cybercriminals targeting manufacturing companies. The attackers are well aware that manufacturers incur financial and reputational harm when their operation is shut down and/or their sensitive information falls into their competitors’ hands, and are likely to pay the ransom in order to avoid finding themselves in such a predicament.
The benefits of implementing IoT technology come with added vulnerabilities that must be addressed.
Attacks demonstrating the urgent need for cybersecurity for manufacturing companies
- O’Neil Industries: In February 2023, the holding company of several companies in the metal industry, based in the USA, sustained a cyberattack. The company reported that an unauthorized party had gained access to consumers’ names, social security numbers and addresses.
- Toyota: In January 2023, Toyota Motor corporation revealed that a data breach at Toyota Kirloskar Motor, a joint venture with the Indian conglomerate Kirloskar Motor, may have compromised the personal information of nearly 300,000 of its customers. The company issued a statement: “In December 2017, the ‘T-Connect’ website development subcontractor mistakenly uploaded part of the source code to their GitHub account while it was set to be public, in violation of the handling rules.”
- Pepsi: In late December 2022 cybercriminals penetrated the network of Pepsi Bottling Ventures, which operates 18 facilities in the USA, and installed malware to extract and steal data from the company’s IT systems. The attack was discovered only 2.5 weeks later. The number of affected individuals, and whether they were customers or employees, was unclear, but it seems that the affected data included full names, home addresses, financial account information (including PINs, passwords and access numbers), state and federal issued ID numbers and driver’s license numbers, ID cards, social security numbers, passport information, digital signatures and information related to benefits and employment, including medical history and claims – as reported by Bleeping Computer.
- Ferrari: In October 2022, cybercriminals claimed to have obtained company documents and data at a scope of 7GB, which they then posted on dark web leak site. Ferrari had previously suffered the effects of a cyberattack on the Italian manufacturer Speroni in 2021, when 900 GB of data were stolen, containing sensitive information also on other Italian car manufacturers, including Fiat and Lamborghini.
- THALES Group: The multinational company (81,000+ employees worldwide) was targeted in a ransomware attack at the end of October 2022. The attackers began releasing data they claimed to have stolen when the ransom was not paid. THALES continued to maintain that its IT system had not been breached. THALES had been the victim of a ransomware attack in January 2022 as well, had also refused to pay ransom on that occasion, resulting in its files being leaked.
- Iranian steel companies: In June 2022, Several Iranian steel companies sustained cyberattacks that disrupted the operation at one site, possibly more. An Iranian hacker group, which had previously attacked Iranian Rail in mid-2021, also claimed responsibility for this attack.
- DENSO Automotive Deutschland: A ransomware attack was perpetrated against the company in March 2022, in which 1.4 TB of data, some of which was proprietary data, were stolen by the attackers. DENSO is the second largest automotive parts manufacturer in the world and the no. 1 parts supplier of Toyota.
- Nvidia: In March 2022, the chips and graphic cards producer sustained a cyberattack in which substantial data was accessed by the perpetrators, according to some reports – up to 1 TB.
- KP Snacks: The British snacks producer was targeted in a ransomware attack in February 2022. The company’s data was encrypted and stolen, and some of it was posted on the dark net. Its supply chain was also impacted; KP Snacks released a statement saying that it could not “safely process orders or dispatch goods.”
- Kojima Industries, affecting Toyota: An attack in February 2022 on Kojima Industries, which supplies Toyota with key components for cars, led to the suspension of operations at 14 manufacturing plants in Japan for at least 24 hours. The suspected perpetrators are Russian.
- Bridgestone Americas: The U.S. division of Bridgestone Corporation, a Japanese-owned tire company manufacturing and selling tires in more than 150 companies, suffered a cyberattack in February 2022. As a result, the company was forced to shut down a significant share of its manufacturing plants. It was revealed that the hackers accessed sensitive consumer information.
- Quanta Computers: The Taiwanese company, whose clients include Apple, Lenovo, Microsoft, Dell and Cisco, was targeted in a ransomware attack perpetrated by the Russian hacking group REvil in April 2021. The cybercriminals initially demanded payment of US$ 50 million from Quanta in return for the stolen data. The data included engineering and manufacturing schematics of current and future Apple products. When Quanta refused to pay the ransom they demanded, the hackers sent their demand to Apple.
- BMW: APT hackers breached the network of the German multinational manufacturer of luxury vehicles in 2019. According to German media, the hackers, who are suspected of being connected to the government of Vietnam, also hacked into Hyundai’s systems as well. Their aim seems to have been to steal trade secrets. ZDNet reported that the attackers allegedly installed a penetration testing toolkit named Cobalt Strike on infected hosts, which they used as a backdoor into the compromised network. It added that BMW had supposedly allowed the hackers to persist on its network, and followed their every move, cutting off their access at the end of November.
Cybersecurity for the manufacturing sector must be affordable, not only effective
Reports show that far too many manufacturers do not implement effective cybersecurity means due to high cost. Among these are Make UK’s Cybersecurity in UK Manufacturing report for 2022, which states that 41% of manufacturing companies that participated in its study stated the high cost of cybersecurity solutions as a barrier, and that 35% identified added cost or time in maintaining cybersecurity systems as the obstacle. The organization also reported that while 89% of the respondents invested heavily in antivirus software and firewalls to secure Internet connections, these investments were insufficient for dealing with new threats resulting from the recent adoption of digital technologies like industrial IoT. In fact, 54% admitted that they had made a conscious decision not to implement further cybersecurity means despite having introduced new technologies to boost their production capability.
These findings underscore the importance of cybersecurity solutions for the manufacturing industry which are not only effective at dealing with the threats, but are also ones that manufacturers can afford.
ACID’s cost-effective cyber security for the manufacturing sector
ACID offers an exceptionally cost-effective solution for the manufacturing sector: It deploys clusters of bots and implements advanced AI algorithms in order to detect the first signs of an attack in the clear, deep and dark web, as well as in multiple other sources, as early as in its initial planning phase. Once such signs are detected, ACID alerts the targeted organization in real time, providing all the available information – including screenshots of threats detected on the dark web and deep web, which the company in the cybercriminals’ crosshairs may be reluctant to access itself, or is incapable of doing so. ACID continues to monitor the sources, using client-specific keywords in several languages, and provides updates with any additional data as it becomes available. While ACID continuously monitors a great number of sources, if the manufacturer wishes to include additional ones in the search, or add key words, ACID is happy to oblige.
The real time alerts provided by ACID at the first hint of an attack, and the subsequent updates with additional information as it becomes available, enable the IT teams of manufacturing companies to prepare and implement countermeasures that will mitigate the impact of the attack, or possibly thwart it altogether. Manufacturers are thus supported in avoiding the theft of sensitive data and its exposure to competitors, heavy ransom payments and operational disruption.
How does ACID Technologies help your business?
DETECTS AND ALERTS TO THREATS
ACID alerts its client organizations to attacks being planned and executed against them, increasing their TTM (time to mitigate). Supply system threats, which are common in the manufacturing industry, are detected when the client organization’s data is exposed as a result of an attack waged against a trusted provider or partner, or when the organization includes the company/ies he maintains business connections with in his search parameters.
The real-time advance alert enables implementing countermeasures in order to reduce the severity of these attacks, or even thwart them. As more details become available through continuous monitoring, the organization is immediately updated, and is thus able to enhance the effectiveness of its response to the threat.
SECURES WITHOUT DISRUPTING BUSINESS
Threat monitoring, meticulously tailored to meet the specific needs of each client organization, takes place 24/7/365 on multiple and diverse sources, providing security without disrupting business operation.
PREVENTS POTENTIALLY DISASTROUS CONSEQUENCES OF ATTACKS
ACID’s AI-enabled technology provides real-time alerts to any hint of attack against the client organization. Its resultant ability to take effective targeted action to foil the attack or mitigate its consequences can help it avoid potentially crippling harm to its business – in terms of operation, financial status and reputation.
What does ACID do?
- ACID’s AI-enhanced technology detects data breaches as early as in their planning stage, and provides manufacturing plants with more time to respond
- We help you mitigate cyber risks throughout your supply chain
- We assist in eliminating industrial control system vulnerabilities by alerting you to them
- We support you in keeping your sensitive information secure
- We help you avoid disruption to your manufacturing operation
ACID provides 24/7/365 advanced threat detection and real-time alerting. Our state-of-the-art technological solution help keep your business running smoothly as it safeguards your infrastructure and digital assets from cyber attacks. Our solution is based on the years of expertise and experience accumulated by our experts in enhancing cybersecurity in industrial sector organizations. We offer end-to-end, tailor-made manufacturing cyber security solutions to protect your business’s network and systems. For more details, contact us today!