The United States’ manufacturing industry is the largest of its kind in the world, producing 18.2 percent of global goods. Manufacturing has a present role in every product-driven industry, since it crafts industry-specific materials. Manufacturing is also often done on a great scale, meaning a hacker that alters specifications by a few millimeters in a configuration file can create catastrophic effects.
As cybersecurity’s impact on manufacturing becomes increasingly noticeable, businesses must adapt in recognizing cybersecurity threats and defending against them.
Cybersecurity Threats to Manufacturing
Manufacturing extends to a variety of industries, such as the construction of homes and the creation of automobiles. A hacker that modifies the manufacturing process of a home or vehicle can lead to mass product recalls and the risk for fatal injuries. Manufacturing, perhaps more so than any industry, needs to prioritize cybersecurity due to its ultimate impact on consumer safety, especially since it’s the second most attacked industry.
A cybersecurity attack within the manufacturing industry can cause defective products with potentially fatal consequences, in addition to production downtime, manufacturing disruptions and physical damage. In some cases, the work of hackers may go unnoticed until it’s too late. For example, a hacker that slightly alters the placement of a vehicle part may cause the issue to go unnoticed at first, though as the part wears there may be fatalities before a recall.
A Hacker’s Approach
Hackers tend to blackmail businesses, vowing to cease their hacking and put original modifications in place in exchange for money. In 2015, a steel mill in Germany was the site of a cyberattack, with hackers compromising a furnace that could not be shut down without manipulation and disruption of control systems. The case is a reminder that hackers can use their expertise to destroy physical items. Today, when so many items are connected digitally, such a scenario presents a risk.
Researchers are also finding vulnerabilities in 3-D printing, which presents some concerns. Specifically, a hacker can gain access to a 3-D printer and alter plans for a drone, fitting it with defective propellers that can cause it to crash and cause injury. Regardless of the platform, hackers strive to penetrate a network and alter controllers in some capacity.
In Response: Defense
Most manufacturers are well aware of cybersecurity issues. In response, they are implementing numerous defensive strategies.
In aiding with their risk mitigation, manufacturing businesses should engage in penetration testing and security assessment services for both internal and external connections. In addition, businesses should conduct vulnerability scanning and install updates and patches on all computers and devices upon release. Access control measures should also be put in place to prevent hackers from accessing multiple parts of a system, even if one section may show compromising signs.
Still, many manufacturing businesses lack proper cybersecurity, putting consumers and their employees at risk. Specifically, 20 percent of manufacturing businesses don’t conduct regular risk assessments, which helps find security issues before it’s too late. Manufacturing plants need to monitor for suspicious behavior and conduct appropriate tests and assessments, or else they risk serious health and legal consequences.
STAY TUNED for a follow up piece on what you can do to protect your small business manufacturing from hackers!