5 of the Biggest Cyber Attacks in the Manufacturing Industry
Manufacturing firms have hugely scaled their digital presence over the past years. And while this is a standard best practice, it has also (unfortunately) increased their vulnerability to cybercriminals.
Today, let’s break down 5 of the most notable cyber attacks in the manufacturing sector.
We’ll also explore how best CISOs can adapt their own strategic outlook as well as key learnings for your SOC team.
Before we start, here’s a quick overview of what types of manufacturing cyber attacks exist:
- Ransomware attacks: A type of malicious software (“malware”) that blocks access to a computer system or files until a “ransom” is paid
- Phishing attacks: Deceptive emails, websites or messages which trick people into sharing sensitive information
- Whaling campaigns: A sophisticated phishing attack that is aimed at high-profile people within an organization
___________________________________________________________________________________
1. Why are cyber attacks so common in the manufacturing industry?
When it comes to cyber attacks by industry, manufacturing organizations are sitting squarely at the top of the list. Manufacturing is currently the most targeted industry in cybercrime, representing 20% of all cyber extortion campaigns in 2023.
But why exactly are there so many industrial cyber attacks?
Here are some of the main reasons…
- Boosted connectivity: When manufacturers go online, it makes them much more efficient—not to mention the rise of the Internet of Things (IoT). But it also creates fresh entry points for cybercriminals to wreak havoc.
- Poor training: People in the workforce may not have been adequately informed of cybersecurity threats, and consequently could use weak passwords or be duped by phishing attacks.
- Legacy systems: Some companies are still using older operational technology, which may not have the necessary security authentication features and therefore become a cyber risk.
- Supply chain attacks: With complex supply chains and multiple third-party partners across different regions and jurisdictions, there are plenty of opportunities for hackers to infiltrate the network somewhere along the way.
- Data-driven systems: Storing and transmitting sensitive data is an essential part of manufacturing operations. But it also increases the risk of their intellectual property being stolen or disrupted.
- Industrial control system (ICS) risks: ICS systems form a critical infrastructure for manufacturers. But when the correct measures aren’t in place, these systems can easily be exploited.
Graphic: Mindmap of the 6 reasons
Cyber threats to manufacturing industries are at an all-time high. Let’s look at some of the most famous manufacturing cyber attacks in recent years, before exploring how CybelAngel can help to prevent them.
___________________________________________________________________________________
2. In the spotlight: The biggest cyberattacks on manufacturing companies
Industrial cyber attacks are everywhere. Shutdowns, data breaches, and downtime can happen to anyone, even the biggest manufacturing corporations. Here is a rundown of 8 of the biggest cyber attacks that you should be aware of, with average costs reaching millions (and sometimes billions) of dollars.
1. FACC cyber attack analysis
FACC AG is an Austrian aerospace component manufacturer.
In 2016, threat actors infiltrated their network and started a whaling campaign, targeting the senior executives and accounting departments.
They successfully impersonated the CEO, and then they asked the accounting department to transfer $55.8 million to complete an acquisition. (Of course, neither the acquisition nor the CEO’s email was authentic.)
Later, a Chinese citizen was arrested in Hong Kong after receiving $4 million allegedly for laundering the dirty money.
In response to the theft, FACC fired their CEO and CFO. FACC took further steps by suing their former executives for $11 million claiming they failed to protect the company.
Estimated cost of the attack: $61 million
2. Norsk Hydro cyber attack analysis
Norsk Hydro is a multinational aluminium manufacturer with operations in 40 countries.
It was also a victim of a manufacturing cyber security breach in March 2019. It was forced to close multiple plants after a ransomware attack from a malicious software known as LockerGoga.
The ransomware attack damaged IT systems in various business functions, including smelting plants in Norway, Qatar, and Brazil.
Many details remain unclear or undisclosed but researchers believe the cybercriminals sourced credentials purchased on the dark web or used credentials gathered from a previous phishing attack.
Norsk Hydro refused to pay the requested sum of money, and they instead asked cybersecurity experts to help them dismantle the ransomware. However, the disruption, offline data, and loss of earnings were still astronomical.
Estimated cost of the attack: $75 million
3. Brunswick Corporation cyber attack analysis
Brunswick Corporation is a billion-dollar boating manufacturing firm that operates across 24 countries.
In June 2023, they faced an industrial cyber attack that disrupted their systems. While they didn’t confirm whether it was a ransomware attack, their operations were delayed in several areas while they dealt with the issue.
The CEO, Dave Foulkes, warned that the cyber attack had severely affected the company’s Q2 financial projections.
It took them 9 days to restore all systems, leading to lost production days and putting them far behind schedule.
Estimated cost of the attack: $85 million
4. Applied Materials cyber attack analysis
Applied Materials is a multi-billion-dollar organization which supplies technology for semiconductors.
In February 2023, it suffered a ransomware attack from one of its own suppliers.
Although they did not specify which supplier, it was thought to be MKS Instruments, which faced another ransomware attack earlier in the month.
The CEO of Applied Materials said, “Very recently, one of our major suppliers encountered a disruption that will impact our second-quarter shipments.”
Many cybersecurity experts have expressed concerns that even when larger companies protect their processes, attackers will simply focus on weaker parts of the supply chain, leading to manufacturing cyber security breaches later down the line,
Estimated cost of the attack: $250 million
5. Renault-Nissan cyber attack analysis
Renault-Nissan is the automotive manufacturer conglomerate that builds and sells one in nine automobiles worldwide.
In May 2017, Renault-Nissan experienced a manufacturing cyber attack involving the WannaCry ransomware that stopped production at five plants in England, France, Slovenia, Romania, and India.
As is common in ransomware or other cyberattacks, the attack occurred on a Friday to take advantage of minimal staff levels.
To halt the spread of the infection throughout the company’s networks, the company disconnected the infected plants from its network.
By the following Monday, the affected plants were operational again.
The company declined to disclose how the attack occurred or the costs incurred, but people estimated it to be in the range of billions.
Estimated cost of the attack: Speculated to be as high as $4 billion
Now, let’s see how CybelAngel could help prevent cyber attacks on manufacturing companies.
___________________________________________________________________________________
3. How can manufacturers prevent cyber attacks?
No one is immune to cyber threats (even US government Microsoft Cloud emails were hacked in 2023).
As we’ve seen, manufacturing cyber security breaches are particularly common. And when you’re manufacturing thousands to millions of units in a day, a loss of time is a loss of money, just like we saw with the cyber attacks on manufacturing companies like Brunswick Corporation.
So is there anything you can do to avoid manufacturing cyber attacks?
Yes!
Many manufacturing companies are starting to engage in a proactive approach to cybersecurity by using Digital Risk Protection Solutions.
CybelAngel is the world-leading digital risk protection platform that detects and resolves the most critical external threats before they lead to damage.
Organizations worldwide rely on CybelAngel tools such as:
- Asset Discovery and Monitoring: Spot all shadow assets that are being used without IT approval
- Account Takeover Protection: Stop your credentials from being sold on the dark web
- Data Breach Prevention: Safeguard all your confidential assets
- Dark Web Monitoring: Track cybercriminal discussions on the dark web and avoid being targeted
- Domain Protection: Remove fraudulent, fake, and look-a-like websites that could hurt your business
___________________________________________________________________________________
Manufacturing cyber security: Resolved
The cyber threat landscape might be looking bleak, but with the right cybersecurity systems in place, you can trust CybelAngel to keep your manufacturing company safe.
Want to learn more about how you can boost your cyber threat intelligence and handle cyber security in manufacturing? Schedule a call with CybelAngel, and you’ll be one step closer to protecting your brand and enjoying peace of mind.