The industrial sector has seen increasingly sophisticated and destructive attacks. From manufacturing facilities to industrial control systems, cybercriminals recognize that companies in this sector are particularly vulnerable, and potentially lucrative targets due to their indispensable role in supply chains and critical infrastructure.
There are several reasons cybercriminals have the industrial sector in their crosshairs. They believe companies in the sector are more likely to pay ransoms because the costs of shutdowns are so high; complex and highly connected industrial control systems and supply chains provide many attack vectors to exploit. Additionally, the sector is undergoing a rapid digital transformation.
However, there are measures that manufacturers and other companies in the industrial sector can take now to protect themselves. As the costs of breaches rise, it’s crucial for leaders to adopt a proactive cybersecurity posture. Companies in the industrial sector are particularly responsible for taking active steps to protect their operations from cyberthreats because they play such an integral role in the global economy. This is why it’s essential to identify the most urgent cyberthreats.
The Growth of Ransomware
As cybercriminal capabilities become more advanced, the industrial sector is experiencing a surge in cyberattacks. According to IBM, manufacturing has been the top-attacked industry for three years straight. IBM also found that two of the top five industries that suffered the most financial damage per data breach are the industrial and energy sectors: $4.73 million and $4.78 million, respectively.
These figures are higher than average across industries, and both saw year-over-year increases. There has also been a 68 percent annual increase in the amount of “supply chain interconnection” involved in breaches, a major liability for the highly interconnected industrial sector.
The latest Verizon Data Breach Investigations Report found that the top action variety in manufacturing breaches is ransomware. This is no surprise, as manufacturers and other companies in the industrial sector have so much to lose from shutdowns and other operational disruptions. To take one of many examples, a recent ransomware attack on Clorox cost the company tens of millions of dollars and struck amid a major digital transformation.
IBM reports that ransomware attacks cause significantly more financial damage than other cyberattacks — and these costs increased by 13 percent from 2022 to 2023.
The rise in ransomware attacks encompasses several other cybersecurity trends that affect the industrial sector — from cybercriminals’ growing reliance on artificial intelligence to the role of social engineering. The rapid evolution of these tools and tactics has permanently changed the cyberthreat landscape in the industrial sector, and it has never been more vital for manufacturers to be aware of these threats.
Social Engineering Prevention
When leaders in the manufacturing sector understand the cyberthreats they face, they can equip employees with the skills necessary to identify and prevent cyberattacks. Verizon reports that over two-thirds of data breaches involve a human being, and breaches in the industrial sector are no exception.
Phishing is the top initial attack vector in manufacturing, accounting for 39 percent of all incidents.
Employee training is one of the top ways to mitigate the cost of a data breach — it has a larger financial impact than encryption, data security software, insurance, and a wide array of other cybersecurity resources. There are three key components of effective cybersecurity awareness training: engagement, personalization, and accountability.
To keep employees engaged, security leaders must provide real-world examples of social engineering attacks in the industrial sector and how they can be thwarted. Security awareness training should also be personalized on the basis of each employee’s level of knowledge, behavioral profile, and learning style. Personalization improves accountability, as it allows security teams to gather and analyze data about what employees are learning and where they still need assistance. Security leaders can also conduct assessments such as phishing tests to determine the state of their organization’s cyber-readiness.
Considering the disproportionate share of attacks which hit the industrial sector — as well as the percentage of these attacks which rely on social engineering — it’s critical for security leaders in the industry to implement a comprehensive and engaging cybersecurity awareness training platform.
The Response
Many industrial social engineering attacks rely on phishing, and cybercriminals are using AI tools such as deepfakes and large language models (LLMs) to launch hyper-targeted phishing attacks on a larger scale than ever before. Beyond the ability to produce convincing and error-free phishing messages in dozens of languages, AI also allows cybercriminals to conduct surveillance to determine how and where to strike next.
AI has fundamentally transformed the way security leaders must respond to social engineering attacks. For example, a series of red flags used to flutter over many phishing messages: misspellings, strange grammar or syntax, and a range of other mistakes. LLMs enable cybercriminals around the world to craft polished and compelling phishing content capable of bypassing spam filters and convincing employees to click. Deepfakes allow cybercriminals to launch even more sophisticated multi-level attacks.
Employees must pay close attention to the tone of communications: are they threatening or coercive? Do they have a sense of urgency? Do they contain links or suspicious attachments?
According to Verizon, human error-related breaches have been on the rise in the manufacturing sector. IBM found that a significant proportion of breaches in the sector resulted from the “use of legitimate tools for malicious purposes” — particularly credential theft. These facts provide even more evidence that employee training is essential in the industrial sector, and this training must stay ahead of emerging threats like AI-powered social engineering.
Over the past five years, the number of cyberattacks on the manufacturing sector has exploded. In 2019, manufacturing accounted for eight percent of the attacks on the top 10 hardest-hit sectors — a proportion that has spiked to over 25 percent. It’s clear that companies in the industrial sector need to develop more robust cyber defenses, and they can start this process right now by implementing effective awareness training at every level of the organization.
Matt Lindley is the COO and CISO of NINJIO, and he has more than a decade and a half of experience in the cybersecurity space.
