Top 5 Cybersecurity risks in the manufacturing sector
Streamscan has long experience in securing manufacturing IT and OT environments. For example:
- We help manufacturers define and implement their IT and OT cyber defense strategy.
- We remotely monitor the security of several manufacturers from here, through our MDR monitoring service, which allows us to see firsthand the security challenges they face on a daily basis.
- We are regularly called upon to help manufacturers recover from major incidents (ransomware, etc.).
Based on our experience in the field, here are the TOP 5 cybersecurity risks that target manufacturers.
Note: in addition to these 5 risks, a manufacturer may also face other cyber risks depending on its situation. To identify all the cyber risks that can target you, please use the Express Cybersecurity Audit for Manufacturers form. Limit yourself to your top 10 risks and make sure you address all of them. You will see that your level of exposure to cyber attacks will drastically decrease.
Risk 1 - Phishing
Phishing is the number one risk faced by manufacturers. The success rate of phishing attacks is quite high in this sector because many employees are not familiar with IT. In addition, user awareness is often not a regular cybersecurity practice. We also note that email solutions (e.g. O365) are deployed with minimal and insufficient security settings, which allows many malicious emails (with malicious attachments or links) to pass through. All this increases the click rate of employees, which ultimately leads to successful phishing: password theft, malicious access to employee mailboxes, president's fraud, other fraud, etc.
Solution: Your first priority is to perform a security diagnostic of your email solution to ensure that it is properly configured and blocks the vast majority of malicious emails, because by default it is not. After correcting the discrepancies, you will see that the phishing rate will drop drastically in your organization. After that, educate your employees regularly and conduct phishing tests.
If you need help with a security diagnostic of your email solution, talk to one of our experts.
Risk 2 - Ransomware
Ransomware remains the biggest nightmare for manufacturers because its consequences are major:
- Shutdown of production lines for several days, which has serious consequences on sales and leads to significant financial losses
- Impact on logistics and procurement, leading to an inability to deliver goods to customers
- Complete shutdown of the IT network preventing employees from working for several days
- Exfiltration of intellectual property (IP) and personal information
- Etc.
Solution: We recommend that manufacturers implement technology that allows them to have 360-degree visibility of their network security. This is done with an intrusion detection/prevention system (IDS/IPS/NDR) such as StreamScan's CDS. Visibility is the key to cybersecurity and this type of tool prevents you from having blind spots in your network security. In addition to an IDS/IPS, make sure you have a good antivirus or EDR on every computer on the network. Finally, monitor your network security 24/7. This is what will allow us to identify attacks at the first sign and treat them to prevent them from becoming a problem.
Risk 3 - Attacks targeting OT / IoT
Operational and industrial technologies (OT) and IoT devices are in constant use in manufacturing environments. Once installed, they can operate for several years, and their security vulnerabilities accumulate. Left uncorrected, these vulnerabilities can be exploited to compromise OT and IoT devices and enter the organization's network. The consequences can be numerous, including production line stoppage, ransomware, etc. In addition, the interconnection of IT and industrial (IoT) systems for the transition to Industry 4.0 at some manufacturers increases security threats because IoT systems are de facto exposed to the Internet, and therefore to cyber attacks.
According to the IBM X-Force Threat Intelligence Index 2022 study, reconnaissance attacks against IoTs increased by 2204% in 2021! Hackers' strong interest in targeting IoTs is therefore very evident.
Solution: It is crucial to ensure that your OT and IoT devices are well secured. To do this, follow our recommendations for securing OT/IoT.
Risk 4 - Financial Fraud
Manufacturers are constantly targeted by financial fraud attempts, mainly through phishing emails, followed by fraudulent phone calls. The primary targets are members of senior management and members of the finance department. Hackers identify their targets via corporate websites, professional social networks (LinkedIn, etc.) or from lists they buy on the dark web. In addition, every time your organization makes media announcements about good news, you appear to be an attractive target for hackers.
Solution: You need to make sure you educate your senior management and finance staff on the risks of financial fraud and the most commonly used scenarios/modes of operation (president fraud, etc.). Make sure to run regular financial fraud phishing campaigns to sharpen the reflexes of senior management and finance personnel.
Risk 5 - Theft of intellectual property or confidential data
Many manufacturers are active in R&D, which exposes them to targeted attacks aimed at stealing their intellectual property or confidential data. This theft is made possible when:
- Manufacturing networks are weakly secured (existence of several vulnerable legacy systems, poor network segmentation, etc.), which makes them easier to hack.
- The security of systems storing intellectual property or confidential data is not reinforced. Very often the only means of protection is the password, which is largely insufficient.
- Remote access to the network is often deficient (RDP or VPN without MFA, use of weak passwords, etc.), which makes it easier to hack.
- Network security is not regularly monitored, which does not allow for early detection of attacks in order to limit or eliminate their impact.
Solution: Make sure to identify all systems containing intellectual property and strengthen their security (password + MFA, hardening, logging and tracking access, etc.). Use complex passwords internally as well as for the VPN (with MFA) and manage security vulnerabilities in your network. Prioritize security monitoring of systems storing intellectual property or confidential data.
How Streamscan can help you
Streamscan's expertise covers the development of cyber threat detection technologies, remote security monitoring of organizations, response to cyber attacks, etc.
We specialize in cybersecurity for manufacturers and can help you better understand and address the cybersecurity issues and challenges that can impact your organization. Talk to one of our experts.