Manufacturing Sector

Security challenges facing the manufacturing sector

  • The new threat landscape

  • Attacking is not only about making money

  • The fourth industrial revolution

  • IoT

  • Mapping the infrastructure can be difficult

  • Employees at different locations might not view cyber-security as their problem


The new threat landscape

Before 2017 it was often difficult to engage manufacturing enterprises in board-level discussions about cybersecurity. C-Suite executives in this sector tended to assume that cyber threats were aimed at financial services or companies where data could be monetized by criminals through cyber-enabled fraud.

Then came the major ransomware attacks of 2017—Wannacryand NotPetya. For the first time, major manufacturing companies attributed losses to cyberattacks. 2017 was a wake-up call for manufacturing because it demonstrated two things. First, even if a company is not specifically targeted by cyber-criminals it may well be caught by attacks on others, as cyber ‘collateral damage’. No one thinks that manufacturers were targeted by either Wannacry or NotPetya, but that was no consolation to those unable to do business when this malware spread indiscriminately.


Attacking is not only about making money

Second, it became clear that both these global ransomware attacks were state-sponsored: Wannacry by North Korea, and NotPetya by Russia, as part of its political campaign against Ukraine. The increasingly aggressive and irresponsible behavior of nation-states online posed a new threat to new sectors. Hostile states might well have reason to disrupt energy, utilities or manufacturing as part of a political campaign against the West. The old assumption that cyberattacks were only about making money, and therefore less of a threat to manufacturing, was shown to be mistaken.


The fourth industrial revolution

Internet of Things (IoT) technology has enabled the fourth industrial revolution (Industry 4.0) by connecting factories and plants to the Internet. A Smart Factory is connected with supply chains through the internet. Data flows from machines and the factory floor to the cloud, and subsequent information exchanges occur between all stakeholders in a supply chain. This enables synchronized and concerted control in all aspects of manufacturing, offering an easier, smarter, more productive and more prosperous manufacturing processes lifecycle with real-time information and real-time management.

However, the increasing use of the internet and mobile devices means that modern manufacturing systems also face vulnerabilities and threats from the internet.

Inadequately protected networks, processes, and operations pose huge threats to industrial plants and businesses. They are open to a range of attacks and cybercrimes and threatened by interference, disruption or denial of process controls, theft of intellectual property, the loss of sensitive corporate data, hostile alterations to data, and industrial espionage. Once attackers gain access to a critical application, they can manipulate machines or manufacturing processes remotely.



The pressure to automate and digitize is particularly strong in manufacturing and the use of IoT devices, particularly sensors providing telemetry data, is escalating. These devices are generally manufactured and procured on cost rather than security and can provide soft new vectors of attack for cyber-criminals.


Mapping the infrastructure can be difficult

Manufacturers also find mapping their own attack surface particularly difficult. They may well be geographically dispersed with physical manufacturing plants in many countries and several continents. These may well operate legacy systems and the cost and disruption involved in updating may seem prohibitive. In short, those responsible for cybersecurity in manufacturing companies have a particularly tough job understanding the perimeters of their network and the nature of their attack surface. Many companies will have grown by acquisition, without any certainty about the cyber hygiene of those absorbed into their network.


Employees at different locations might not view cyber-security as their problem

Staff on the factory floor can see the consequences of poor health and safety practice, but cybersecurity tends to be seen as a corporate or head office problem: it is not recognized as a potential cause of downtime and business interruption.

Sources:  I  IOT Security Foundation