Merck, a key player in the pharmaceutical industry, took a significant hit to its manufacturing operations when ransomware infected employee devices across the globe. Not only did this do vast damage to its logistics, but it ended up costing the pharma giant more than $275m.
As the manufacturing industry leans heavily on legacy technology, it’s unknowingly leaving itself vulnerable to cyber risk, thanks to gaping security holes and years of prioritizing efficiency over security. As the magnitude and rate of these attacks increase, the manufacturing industry will continue to grow in notoriety as an easy target with outdated security practices.
Unless manufacturers act quickly, the next attack may be right around the corner.
A Fatal Combination
The elaborate networks that manufacturers utilize are often extremely specialized, creating a very large attack surface that is nearly impossible to manage with outdated security practices. Just one data breach can cripple an entire organization by leaking sensitive information ranging from customer data to intellectual property and beyond.
However, information theft is just one threat that manufacturers face. Not only is valuable data at risk, but hackers can attack the physical infrastructure. Once infected, servers can cause machinery to malfunction or overheat, permanently damaging operating sites. These attacks can have lasting effects on productivity as well as the bottom line. Just last year there was $1.3 million lost for every data breach, with 28 percent of manufacturers reporting an average 14 percent of lost revenue due to attacks.
The juxtaposition of legacy equipment paired with modern technology is one of the biggest challenges in manufacturing cybersecurity. For example, packaging lines and Internet of Things (IoT) devices don’t always work with legacy firewalls and other software. Even worse, botnets can launch distributed denial-of-service (DDoS) attacks on sophisticated systems, crashing networks connected to any given device.
Because of historically weak security protocols and minimal security surrounding legacy equipment, bad actors have been targeting manufacturers for years. In prioritizing cybersecurity, manufacturers can build resilience and become a less attractive target for hackers.
Taking Back Cybersecurity
Bad actors will continue to target manufacturing organizations as long as they can retrieve information that makes a profit on the dark web. By taking steps to develop a powerful security program, manufacturers can deter hackers’ attempts before any significant damage is done. Here are four steps organizations can take to develop a significant cybersecurity plan:
Expecting the unexpected is a lofty goal, but a thorough cybersecurity plan is a good start. Elevating cybersecurity on the list of priorities, from modernizing facilities and operations to investing in employee resources, can protect manufacturers against disastrous consequences.
Nikolai Vargas is chief technology officer of Switchfast, an I.T. consulting and managed services provider.
Timely, incisive articles delivered directly to your inbox.