H Cyber Guy

Manufacturing under attack: Defending the factory floor

April 21, 2023
BlackBerry survey reveals a growing number of manufacturing leaders are looking beyond supply chain challenges, inflationary pressures, and a tight labor market toward longer-term, multi-faceted cyber-threats.

By Shishir Singh, cybersecurity CTO, BlackBerry

Trade secrets, patents, personal data—all highly valuable pieces of intellectual property that, if stolen or compromised, could cause significant harm to a manufacturing company’s competitive advantage and bottom line. Manufacturing facilities are the backbone of global economies and critical infrastructure, which also makes them a treasure trove for cyber-criminals.

A growing number of leaders in the manufacturing industry are concerned about stormy waters ahead when it comes to cybersecurity. They’re looking beyond supply chain challenges, inflationary pressures, and a tight labor market toward this longer-term and multi-faceted threat.

BlackBerry surveyed 1,500 manufacturing IT decision-makers across North America, the United Kingdom, Germany, Japan, and Australia. Almost two-thirds (75%) were subjected to a cybersecurity incident in the past year. Another two-thirds (75%) believe other nation-states are actively targeting manufacturers in their country.

These leaders are most concerned about malicious attacks through connected devices including via the Internet of Things (40%), unauthorized access to sensitive data by malicious insiders (29%), ransomware attacks (23%), and politically motivated attacks (19%). These results make sense. I've also seen phishing attacks and the discovery of third-party software vulnerabilities significantly impact OT and IoT infrastructure during the last year.

Half of the manufacturers surveyed say malware attacks through third-party access are among their greatest fears. Their concerns about intentional attacks include malicious attacks through connected devices including via the IoT and unauthorized access to sensitive data by malicious insiders. The reality is non-malicious insiders are just as significant a security threat as external attackers, highlighting the vulnerability of the systems manufacturing facilities have in place. The technology used on the factory floor—at the center of production—is the vulnerable core of the manufacturing sector and more difficult to defend than IT infrastructure.

SMART INDUSTRY WEBINAR ON DEMAND: How To Partner IT, OT And Security To Drive Efficiency

Alarmingly, the majority (86%) admit to running core functions on outdated and unsupported legacy operating systems. Most (70%) say aging hardware limits their ability to update their OT assets and endpoints. This is driving much of the cyber-risk in manufacturing environments. For instance, more than a third of respondents (36%) admit they still use Windows NT, an OS first released in 1993 and last supported nearly 20 years ago in 2004. Nearly half (46%) say they still use Windows XP (released in 2001), for which support ended almost nine years ago in 2014, and over half (57%) utilize workstations running Windows 7, for which support expired three years ago. The same number (57%) depend on Windows 8, which Microsoft stopped supporting in January 2023.

The OT that manufacturers depend on to manage their factory floors faces an onslaught of cyberattacks that take advantage of a narrowing gap between OT and IT networks. An attack on one can quickly become an attack on both. The industry isn’t prepared to deal with such a big threat surface while running on antiquated operating technology. Clearly, something must be done—because the stakes are now too high to ignore, even for small and mid-market organizations.

When I think about the impact of a cybersecurity incident in OT, it amounts to more than downtime—though that stoppage alone can be cataclysmic to a manufacturer. In the aftermath of a cyberattack, organizations must also restore and update their technology infrastructure while absorbing the impact of lost production and the resulting damage to their reputation.

As we look to the future, the leaders we surveyed—aware of evolving and growing cybersecurity threats—say they’re starting to adopt modernization strategies, including migration to cloud-based solutions (56%), adoption of the Internet of Things (46%), and integration with modern software and hardware (37%). Over the next five years, 52% said they would implement edge computing, and 37% said they would adopt the use of digital twins.

Factory floors cannot remain inadequately protected. It’s critical for us to find ways to defend these older systems from modern threats. A cyberattack against OT equipment can put the rest of the business at risk, as OT and IT systems become increasingly interdependent.