The U.S. manufacturing sector is experiencing a surge in cyberattacks, making it the most targeted among the 16 critical infrastructure sectors recognized by the U.S. government. This increase in cyber threats is attributed to the sector's reliance on sensitive intellectual property, complex supply chains, and the critical role it plays in both national and economic security. As tensions between the U.S. and China rise, the need to protect this sector from cyber threats becomes even more urgent.
Recent data indicates a troubling trend, with ransomware gangs claiming over 1,000 attacks on manufacturers in the past year. On average, manufacturers face approximately 1,585 attempted cyberattacks per week, with a 30% increase in overall attacks year over year. High-profile incidents, such as the cyberattacks on Nucor and Jaguar Land Rover, have highlighted the severe impact these breaches can have, including operational shutdowns and significant financial losses.
The technical challenges in defending against these attacks are compounded by the convergence of information technology (IT) and operational technology (OT) networks. This convergence expands the attack surface, creating multiple entry points for hackers. Additionally, the use of cloud platforms, mobile applications, and Internet of Things (IoT) devices further complicates security efforts, as does the presence of legacy OT devices that may lack necessary security updates.
The impact of these cyberattacks is profound, affecting not only the targeted companies but also the broader supply chain and economic stability. The manufacturing sector's inability to tolerate downtime makes it an attractive target for cybercriminals seeking quick financial gains. As a result, there is a growing consensus among threat actors that manufacturing is a reliable sector for extracting profits.
To combat these threats, manufacturing firms are increasingly collaborating through the Manufacturing Information Sharing and Analysis Center (MFG-ISAC). This collaboration includes sharing information on cyber threats, conducting tabletop exercises, and developing incident response playbooks. By working together, manufacturers aim to strengthen their collective defenses and improve their cybersecurity posture across the sector.
Source: https://www.cybersecuritydive.com/trendline/cybersecurity-dive-top-stories/373/