According to the FBI, manufacturing is an attractive target for cyberattacks because of its complex attack surface and low risk tolerance: an attack that slows or stops production can easily result in millions of dollars of loss. MSSPs that serve manufacturing organizations face unique opportunities and challenges.
OT Cybersecurity Risk Factors
Overall, manufacturing is vulnerable to the same tactics, techniques and procedures (TTP) as other industries, including ransomware, phishing and spear phishing, trojans, and credential and data theft. Other possible TTPs include exploiting internet-accessible hardware that have weak authentication, and preloading malware into third-party software to provide initial access.
Even fully air-gapped environments can be compromised by malicious or unwitting insider threats (e.g., insertion of an infected USB drive) and by infected software upgrades, updates, and patches. Unique risk factors for operational technology (OT) include the following.
Increasing digitization, automation, and integration
While new technologies increase efficiency, they also expand the attack surface by adding new systems and connections to the OT environment that must be secured. Increasing IT/OT integration presents more new paths for attackers to access OT environments, and as more OT and IT systems become interconnected, failing to fully secure both environments increase both the likelihood and potential damage of a cyberattack.
Legacy devices and systems
Even as new technologies are adopted, it’s common practice for legacy manufacturing systems to stay in place because they are reliable, cost-effective, and would require significant capital and downtime to replace. Unfortunately, older assets can be challenging to secure, and connecting previously siloed and air-gapped legacy systems to newer digital technologies can expose these potentially vulnerable systems to a range of threats.
Growing susceptibility to supply-chain attacks
Manufacturers are especially vulnerable to digital supply-chain attacks: In fact, in 2022, the number of supply-chain attacks increased by an estimated 633%. Digital supply chain attacks cause real-world supply-chain problems because interruptions in production affect not only suppliers and customers but also transportation, logistics and other interdependent providers throughout the industry.
Lean and just-in-time (JIT) manufacturing approaches can increase vulnerability to supply-chain attacks. These modern approaches rely on access to an ecosystem of vendors to obtain materials and parts only when they are needed without maintaining large inventories.
While these approaches can improve efficiency and reduce costs, they create an industry-wide attack surface that makes manufacturing verticals even more susceptible to supply chain attacks: Because manufacturing everywhere may be slowed or stopped when components and materials are not available, a successful attack anywhere in the supply chain can effectively halt industry production.
Instead of directly targeting larger manufacturers, which may be heavily fortified against intrusions, malicious adversaries may instead attack its vendors — especially those with weaker cybersecurity — to achieve the same business disruption.
OT cybersecurity skills shortage
The growing cybersecurity skills shortage is currently estimated at 3.4 million globally with deficits of approximately 436,000 in North America and more than 317,000 in Europe, the Middle East and Asia. Cybersecurity professionals with specialized knowledge of industrial operations can be even more difficult to find.
The Self-Defending Manufacturing Floor
To protect mission-critical production systems, manufacturers will benefit from a “self-defending” manufacturing floor designed to mitigate the growing risk of cyberattacks while decreasing costs. The ideal self-defending manufacturing floor protects all OT, IoT, robotics, production, control, and IT systems with a single, powerful solution that offers:
- Flexibility to defend both air-gapped and networked systems
- An ultralightweight agent that requires minimal resources and doesn’t impact performance
- Scalability to easily support future technology investments
To deliver proactive threat detection and response, the self-defending manufacturing floor relies on powerful AI to monitor and automatically respond to cyberthreats. Unlike signature-file-based systems, which require continual updates and can only detect threats in the current database, the self-defending system can detect, analyze, and respond to both known and unknown or zero day threats anywhere in the manufacturing environment.
MSSPs and OT Cybersecurity
Manufacturing’s growing threat landscape presents an opportunity for MSSP solutions that prevent attacks and bolster operational resilience without increasing administrative burden. To help manufacturers address their unique cybersecurity requirements, MSSPs can benefit from forging new technology partnerships as well as new types of service packages and bundles.
Proven endpoint protection platforms platforms (such as CylancePROTECT from BlackBerry) deliver cost effective, scalable, and easy-to-manage solutions for MSSPs to secure both OT and IT assets. Click to learn more about OT cybersecurity solutions and the self-defending manufacturing floor.
Guest blog courtesy of BlackBerry Cybersecurity. Read more BlackBerry Cybersecurity blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.
