The ever-increasing involvement of technology and network capabilities in manufacturing has allowed for efficiency never before possible. However, these areas have also become a prime target for hackers. In fact, many of these hackers are coming from the inside rather than the outside.
According to Verizon’s 2019 Data Breach Investigation Report, 75% of cyberattacks on manufacturers came from outside actors. However, 30% of these attacks came from internal actors within the companies. While lesser than external threats, internal cyberattacks tend to be much harder to detect, and can go unnoticed for long periods of time.
The issue, according to Verizon, is the fact that internal actors already have access to network systems in order to do their jobs. As a result, this can cause some to engage in privilege abuse, such as unauthorized access of databases. By already having access to these systems, these attacks tend to bypass the usual indicators that an outside attack gives.
As for why these internal attacks occur, Verizon found that 68% of the cases were financially motivated. 27% were related to some kind of espionage, while the remainder were either due to a grudge, or simply done for fun.
Cyberattacks, both internal and external, can leave manufactures struggling to get going again. Entire operations can be shut down for extended periods of time after an attack. Additionally, there’s also the cost factor. On average, a cyber-related incident can cost a manufacturer around $330,000.
These attacks are also becoming more common. In the past year, 40% of manufactures reported suffering from some kind of cyberattack. Nearly half of these attacks resulted in compromised credentials, and 41% jeopardized critical internal data.
In response to this growing threat, manufacturers are taking steps to shore up their cybersecurity. Networks are being segmented in order to prevent hackers from gaining access to all of a company’s systems. Manufacturing floors are also being “air locked”, preventing outside internet connections. The hope is these measures will cut down on or dissuade would-be hackers from attempting system breaches in the future.