Why UK manufacturers are sitting ducks for cyber criminals


By Myles Bray, VP EMEA for ForeScout.

Despite some volatility across today's national and international political landscape, the manufacturing sector in the UK continues to be a key growth driver for the economy. Last month, 14 of the 17 manufacturing subsectors reported growth. In the UK, Manufacturing companies directly employ 2.6 million people and currently make up 44 per cent of total UK exports and in the UK.

But despite this strong foundation, the manufacturing industry is facing some challenges, brought about by the Fourth Industrial Revolution and the advent of automation and Artificial Intelligence. This digital transformation has brought with it new capabilities to manufacturing in the form of 'industrial internet of things' (IIoT) and connected 'operational technology' (OT).

Most manufacturers understand that investments in new technologies and IIoT are an important part of their growth trajectory, and 70% of UK manufacturers say that they have clear plans in place on how to use emerging technologies to drive business value. Nearly a quarter (23%) of UK manufacturers are already implementing Industry 4.0 technology and platforms, and a further 62% are planning on investing in Industry 4.0 tools soon. More than half (51%) of UK manufacturers are currently already using some form of automation.

A new kind of threat

While the introduction of innovative technologies creates new efficiencies, and supports the longevity of these businesses, it also opens up a manufacturer's infrastructure to a whole new type of threat – one that they didn't have to worry much about before, namely cyber-attacks. Gartner predicts that more than 20bn devices will be connected by 2020, by which point it expects that more than 25% of all attacks on enterprises – including manufacturers – will come via IoT devices.

UK manufacturers are aware of the threat cyber-attacks pose to their infrastructure, with 62% saying this issue is on their radar. However, few of them are actually taking action to protect themselves, which makes them a lucrative target for cyber criminals. The manufacturing sector has been one of the most consistently attacked industries over the past two years, with 34% of documented attacks being aimed at manufacturers

Reckitt Benckiser, a British consumer company, suffered production disruptions with an estimated $135m in lost revenue, while chocolate maker Mondelez quantified the resulting damage as three percentage points from its second-quarter 2017 sales growth – both as a direct result of cyber-attacks. The average cost of a cyber-attack for a company operating in the manufacturing sector is $10.22m. And that was before GDPR came into effect.

Cyber-attacks are not only about lost sales and production but safety too. In January, it was revealed that Triton malware was able to manipulate Schneider Electric's Triconex emergency shutdown systems at an unnamed critical infrastructure firm in the Middle East. In this case, the attack failed due to issues with the malware itself including a bug in the payload script.

Visibility is foundational

Many manufacturers are using legacy equipment, which was never intended to be connected to the internet. Systems that are decades old simply weren't designed with security and modern cyber-attacks in mind. But regardless of their age, each automated and connected device in a manufacturing plant represents a potential entry point to the company network, and therefore a potential vulnerability.

As manufacturers become increasingly aware of cyber-threats, there will be growing pressure from both within and outside their organisations to invest in cyber-security solutions that help reduce or even eliminate risks. Introducing a comprehensive security and visibility model that includes understanding anytime new devices and new types of devices join a network is essential for managing an organisation's security risk posture.

Those manufacturers upgrading their existing infrastructure by connecting their environments to the internet are often particularly vulnerable. To start with, factory passwords should always be changed, endpoint access to networks should be managed and, in some cases, restricted, and devices should always run the latest software and security updates. While some of these might sound trivial, cyber criminals will always try to identify and exploit the weakest link within a network.

If UK manufacturers want to reduce potential vulnerabilities and mitigate the risk of security breaches, they should focus first and foremost on knowing what's actually on their network. By passively monitoring all network activities and looking out for uncharacteristic actions, bad actors can be stopped in their tracks. This helps protect legacy systems as they become connected to the wider network and prevents them from becoming the weak link in a company's security posture.

IIoT technologies are clearly here to stay and there is no way around them for manufacturers. But while IIoT adoption might be inevitable, it is essential that manufacturers look at this from a holistic perspective. Greater insight and visibility grants greater levels of preparedness and control for those overseeing these systems should they become targets for attack. Otherwise, they will leave themselves incredibly vulnerable and it will only be a matter of time before they are hit by a serious cyber-attack.

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter