The true cost of ransomware




Ransomware accounts for around one-quarter of all malware attacks, and some experts are predicting the total global cost of this type of cybercrime will exceed $250 billion annually by 2031. These malicious software attacks work by encrypting the victim’s files and devices, with hackers then demanding a ransom in exchange for the decryption key.

While ransomware is rife in almost all industries, it’s a significant threat to metal manufacturers for a number of reasons, including:


  • Heavy reliance on complex and interconnected industrial systems with many places to attack

  • The preponderance of outdated legacy systems that weren’t built to deal with modern cybersecurity concerns

  • High use of third-party vendors, which serve as a potential entry point for cyberattacks

Fortunately, there are ways to combat ransomware in the manufacturing industry and mitigate risk.

The Business Effect of Ransomware in Metal Manufacturing

Ransomware attacks can have a devastating effect on businesses in three core areas.

Financial Losses. In many cases, resolving a ransomware attack involves paying criminals to decrypt the files, with an average cost of $4.49 million per incident. However, failure to meet these demands is, on average, more costly.

For example, in 2019, aluminum producer Norsk Hydro rejected the ransom and instead chose to restore its system from backups. That decision cost the company more than $41 million in the week after the attack and another $30 million in the months that followed.

Operational Disruption. Ransomware attacks can shut down an entire metal manufacturing production line. The fallout affects both the company and its entire supply chain.

For example, in 2022, the Toyota supplier Kojima Industries was hit by a ransomware attack that compromised critical systems essential for production management. The disruption forced Toyota to suspend operations across 14 plants, delaying the production of around 13,000 vehicles.

Reputational Damage. Companies that fall victim to ransomware attacks take significant reputational hits. Often, they struggle to recover from these breaches, with eroded customer trust, lost contracts and revenue, and reduced market share.

Key Weaknesses in Machine Shops That Hackers Exploit

The approaches that cybercriminals take to exploit vulnerabilities in machine shops are varied. However, the following six methods are the most common.

1. Phishing schemes. Phishing attacks are a common entry point for hackers targeting machine shops. These attacks can take the form of emails that appear legitimate and trick employees into sharing sensitive data, clicking on malicious links, or downloading infected software.

Once inside, attackers can move laterally across the network, introducing ransomware and stealing sensitive data.

2. Unpatched vulnerabilities. Unfortunately, too many metal manufacturing firms fail to keep their systems up to date. When known vulnerabilities are left unpatched, it’s essentially an invitation for bad actors to bypass defences and encrypt data. As many as one-third of ransomware attacks start with unpatched vulnerabilities.

3. Industrial Internet of Things (IIoT) devices. IIoT is a huge part of the overall drive towards automation in the metal manufacturing space. These devices include sensors and controllers that are connected to broader systems. Weak passwords, firmware flaws, and vulnerabilities in hardware are quite common in IIoT devices, making them susceptible to botnet infections and malware.

4. Legacy systems. Legacy systems are another point of weakness for metal manufacturing firms. It’s not unusual to see shops use outdated systems that are challenging to update or patch or are too expensive to replace. Indeed, some teams work with unsupported operating systems with well-known vulnerabilities, making them an attractive target for ransomware attacks.

5. Supply chain risks. Supply chains involve multiple vendors with varying levels of cybersecurity maturity. When one partner has inadequate cybersecurity, a breach can quickly spread across the entire ecosystem. What’s more, counterfeit or tampered components can become a point of attack.

6. Insider risk. One of the rising ransomware risks inside a metal manufacturing business is the company’s own employees and contractors. Intentional attacks are thankfully still a rarity, but human error and stolen credentials can give attackers unauthorized access to systems and wreak havoc.

For example, MKS Instruments suffered a $200 million ransomware attack that was partly attributed to inadequate authentication processes, intrusion detection, and response mechanisms, as well as backup and restoration capabilities.

How Machine Shops Can Strengthen Their Defences

While the threat of ransomware is clear, metal manufacturing shops can take several steps to reduce their exposure to risk.

Patch management – Regularly updated and patched software can prevent the exploitation of known vulnerabilities.

Zero-trust architecture – A zero-trust cybersecurity model treats no user or device as trusted by default, so every access request must be verified before it is granted.

Advanced cybersecurity tools – Tools like endpoint detection and response (EDR) and security information and event management (SIEM) help ensure swift threat identification and remediation.

Training – Employees are the most common point of vulnerability for ransomware attacks. Therefore, it is essential to ensure that they receive regular, high-quality cybersecurity training.

Finding the Right Balance

While cybersecurity is a major priority for machine shops, the best security protocols must also consider efficiency and productivity.

Carrying out an impact assessment before deciding on any cybersecurity option lets teams assess the risks thoroughly and determine the option’s effect on productivity.

Machine shops also should build a culture of risk awareness and have policies that encourage cyberthreat reporting.

Tight cybersecurity budgets are also an unfortunate reality. However, cloud-based ransomware protection tools reduce hardware spending without compromising performance.

Ransomware is a real and present danger to metal manufacturing shops worldwide. Legacy systems, automation, and sprawling supply chains are common sources of vulnerabilities within the sector.

While certain systems and practices that enhance productivity may introduce vulnerabilities, it’s crucial to find a balance between efficiency and security. Investing in predictive security tools allows manufacturing firms to take a proactive approach. When these tools are combined with solid cybersecurity policies and effective training, firms can reduce the financial, reputational, and productivity risks that stalk the industry.

Tyler Owen is the senior director of product management for managed security services at VikingCloud, www.vikingcloud.com.


