Manufacturing organizations also need to be vigilant due to the complexity of their networks and the significant amount of valuable data they possess. This material explores some common cyber security risks that manufacturing companies face, explains how these attacks work, and what risks to consider.
We’ve researched cyberattacks from 2018 to 2022 to identify statistics and patterns of cyber security attacks on the manufacturing industry, which show how cybercriminals are becoming a looming threat to the manufacturing world.
Given the rapid increase in these instances, industries need to adopt the best manufacturing cybersecurity practices and find a dynamic solution to prevent these cyberattacks.
Keep reading to learn more about potential threats and ways to elevate cybersecurity efforts in manufacturing.
Recent Cyberattacks on Manufacturing Companies
Despite a substantial increase in cyber security defense spending,
around 51 percent of manufacturing companies experienced cyberattacks on their cloud infrastructure over the last year.
Studies show that there has been a 33 percent increase in manufacturing cyberattacks over the previous year, of which 44 percent occurred because companies didn’t have their patch management in order.
It’s essential to study the recent cyberattacks on manufacturing companies to identify the common signs of a cybersecurity attack. Here are some manufacturing cybersecurity case studies and manufacturing cyberattack examples from 2018 to 2022.
Manufacturing Cyberattacks 2022
Attack on Bridgestone Americas, a Tire Producer
On February 27, tire producer Bridgestone Americas announced they had experienced a cyberattack and launched an investigation into their IT systems failure. On March 11, they declared that the LockBit ransomware group had conducted an attack.
The group included Bridgestone on their victim list and requested a ransom, threatening to release the stolen data if they didn’t get the money.
To prevent the malware from spreading, the company had to disconnect computer networks and halt production at many facilities across the Latin America and North America regions.
Conti Ransomware Attack on Nordex, a Wind Turbine Producer
In April 2022, Nordex, a major producer of wind turbines, detected a Conti ransomware cyberattack on their network, which caused several systems across their branches to go offline.
The company closed remote access to managed wind turbines and shut down IT systems to prevent the malware from spreading further and limit the damage to their internal network.
Attack on Iranian Steel Companies
In June 2022, Iranian steel companies like Hormozgan, Khouzestan, and Mobarakeh underwent cyberattacks that disrupted the industrial processes at Khouzestan Steelworks.
The same group had previously attacked the Iranian Rail in June 2021, causing massive interruptions and delays in transport. Although the company denied any disruptions in operations, the hacktivist group Gonjeshk’e Darandeh claimed responsibility for the attack.
Manufacturing Cyberattacks 2021
Quanta Ransomware Attack
In April 2021, Quanta, the original design manufacturer and supplier to Dell, Apple, Lenovo, Microsoft, and Cisco, acknowledged a crippling ransomware attack in a statement made to Bloomberg. REvil planned to extort $50 million from Quanta as a ransom.
Initially, the attack began with demanding ransom from Quanta in return for the information they had captured in the attack. However, after accessing the server and acquiring unreleased designs, REvil changed tactics and asked for the sum from Apple in exchange for not disclosing more designs.
Ransomware Attack Against Colonial Pipeline
A ransomware attack against Colonial Pipeline led to the halting of production while the organization worked to respond to the threat.
The attack caused a significant pause in production, resulting in the cancellation of flights and fuel shortages. The company paid the $4.4 million ransom for the decryptor required to get the network back up.
Brenntag Ransomware Attack
Hackers successfully conducted a high-profile ransomware attack against Brenntag, the renowned chemical distribution company, in April 2021.
The hacker group DarkSide led the ransomware attack, which targeted the North American side of the company business and encrypted the company network. They stole 150GB of data, including sensitive data about the company’s employees.
Manufacturing Cyberattacks 2020
Attack on Renault-Nissan
Renault-Nissan, the automotive manufacturer conglomerate, experienced a cyberattack involving the WannaCry ransomware that halted production at five plants.
The company refused to disclose the attack and the costs incurred, but the losses are believed to be as high as $4 billion. Cybersecurity professionals disconnected the infected plants from the mainframe network to prevent the virus from spreading.
Norsk Hydro
LockerGoga ransomware attackers forced Norsk Hydro, an international aluminum manufacturer with operations in 40 countries, to close multiple plants, damaging IT systems in various business functions, including Norway, Qatar, and Brazil.
Though many details remain unclear or undisclosed, researchers believe the attack cost roughly around $75 million.
Manufacturing Cyberattacks 2019
LockerGoga Ransomware Attack Against Hexion and Momentive
The two American chemical companies, Momentive and Hexion, became victims of the LockerGoga ransomware attack in 2019. The ransomware infection encrypted the window systems of both companies and forced them to order hundreds of new computers.
While Hexion did not disclose any details about the attack, Momentive acknowledged the attack and issued new email accounts to those affected.
ASCO’s Ransomware Infection
In June 2019, the largest airplane part manufacturing company experienced a ransomware attack leading to significant downtime, infecting most IT systems. The attack crippled production in factories across four countries, including the United States, Belgium, Germany, and Canada.
The manufacturing company also had to extend employee leaves for an entire week. As a result, almost 1,000 to 1,400 workers were sent home.
A New Variant of BitPaymer Ransomware
A U.S. manufacturing company found a new variant of BitPaymer that infected the company data via PsExec in February 2019. The variant used the company’s name in the ransom note and executed it in the manufacturing company’s system using PsExec.
To initiate the attack, the hacker compromised an account with administrator privileges, which enabled the attackers to run the malicious commands that copy and execute the BitPaymer variant.
Manufacturing Cyberattacks 2018
TSMC Factories Crippled by WannaCry Ransomware
A major manufacturer of Qualcomm and a supplier of Apple’s SoC components, TSMC, fell victim to a new variant of the WannaCry ransomware in August 2018. The attack infected the company plants during a software installation and caused errors during a new tool’s installation process.
According to the report, the shutdown cost the company USD 250 million and resulted in shipment delays. TSMC declared that the variant infected many of their systems and tools, but they recovered 80 percent of the infected equipment later.
Critical Cyber Security Threats and Risks for the Manufacturing Sector
The emergence of digital technology and robust online systems drives the manufacturing field, exposing the industry to manufacturing cyber risks.
Companies need to understand the prominent cyber security threats in manufacturing, as a critical manufacturing sector attack can generate costly consequences.
Here is an overview of the top cyber threats to the manufacturing industry:
1) Ransomware
With 13.9 percent of incidents in North America, the manufacturing industry is at increased threat of ransomware attacks. Ransomware in manufacturing occurs when hackers encrypt the files on a network and make them unusable. They can then demand ransom in exchange for the description key to make the files usable again.
Given the time constraints involved in the manufacturing industry, manufacturing ransomware attacks are successful in the sector as manufacturers often pay a ransom, and the amount paid out to hackers is usually less than the loss accrued from the delay.
2) Phishing
Phishing accounts for 85 percent of the cyber threats to manufacturing businesses and remains one of the most prevalent risks in the field. Phishing attempts in manufacturing involve tricking the recipient of a text or email into opening a link and providing hackers with an entry into a secure network.
The attackers often create the message using the correct terminology and imagery to make it look official. These messages appear to have been sent from within or a trusted partner organization.
3) Insider Threats
Seventy-five percent of cyberattacks originate from within the organization, of which 40 percent start with an employee falling victim to a phishing or social engineering scam. Industry manufacturing insider threats could also be other people with access to your offices and computer, including security guards and contractors.
4) Intellectual Property Theft
Intellectual property theft and its effect on manufacturing competitiveness cannot be ignored. Intellectual property is the most valuable asset of any manufacturing company, and its theft can adversely affect the organization.
IP theft is recorded as one of the most expensive cyber threats that hackers looking to steal sensitive information may attempt. The most common method is to access the network through underhanded means and panting malware that allows them to obtain sensitive information without being noticed.
5) Supply Chain Attacks
Under intellectual property theft, hackers may target a company’s business partners or suppliers. They can gain access to the network through phishing and compromise the networks of third parties. Once they have access to the network, they can attack the manufacturer to steal data, disrupt the supply, and plant malware to halt production.
6) IoT Attacks
IoT systems can also fall prey to network attacks like spoofing or denial of service. These attacks allow hackers to access users’ sensitive data via IoT (Internet of Things) tools. Attackers may install malware on the device, compromise the device’s security, and gain access to the company’s data.
What Can You Do to Protect Your Manufacturing Business from Cyberattacks?
The proliferation of factories in the manufacturing industry has paved the way for greater efficiency, growth, scale, and innovation. However, the constant use of digital technologies has also exposed the sector to sophisticated threats, creating the need for advanced cybersecurity risk management.
If you wonder how to secure your manufacturing against cyber threats, there are a few measures you could put in place. Heightened operational and financial damage risks and more complex security challenges make cybersecurity for the manufacturing industry more critical than ever.
Therefore, it is necessary to protect manufacturing businesses against cyber threats using robust cyber risk management software.
Expert Computer Solutions is a one-stop-shop solution for all your cybersecurity management needs in the manufacturing industry.
We have prevented over 1,000 security breaches across various manufacturing, services, and construction companies in the U.S. We can provide dedicated and comprehensive cybersecurity solutions for the manufacturing sector.
With a strategic approach to analyzing and implementing security solutions tailored to secure your manufacturing business against cyber threats, our company offers a range of managed cybersecurity services and cyber risk management solutions to mitigate cyberattacks for small and medium enterprises in the U.S.
