Cyberattacks on industrial control systems: Understanding and mitigating cyber risks for manufacturing businesses

Many manufacturers use industrial control systems (ICS), also known as automation systems, as crucial digital tools to enhance production output.

These systems ensure consistent manufacturing, resulting in improved product quality. They can help reduce costs by reducing energy consumption, limiting manufacturing carbon footprints, and minimizing labour needs.¹

However, these systems pose a BIG cyberattack risk. Due to their automated nature they lack the need for constant human intervention. While this makes the system highly efficient, it opens the door for potential harm.

Skilled hackers can breach ICS systems, posing threats to human safety and causing significant disruption to society. In the event of a hacker issuing a command, the physical processes they control can be compromised, leading to disruption and even physical injuries.

Companies that are dependent on these systems face threats of both data theft and financial setbacks.

The best way to protect your business against these risks is to understand what you’re up against.

Do cyberattacks on ICS really happen?

Simply put, yes. As advanced algorithms and device communication enhance these systems, the increased network interconnectivity inevitably means greater cybersecurity risks.

Over the last decade, instances of cyberattacks targeting ICS systems have surged,²  accompanied by a notable rise in ransomware attacks.³

Meanwhile data from Kaspersky indicates that in 2022, more than 40% of operational technology (OT) computers were targeted in malicious cyber activity.⁴

Hackers can have a horrific impact when manipulating ICS systems. The following unfortunate businesses experienced serious disruption because of cyberattacks:

• Predatory Sparrow, a hacking group, took recognition for an attack that resulted in a severe fire at an Iranian steel manufacturer. The incident caused equipment damage and forced factory workers to evacuate. A compromised machine even released molten steel and fire.⁵
• The US government and security firms divulged information about a malware strain known as Pipedream/Incontroller. This malware targets ICS systems and possesses the capability to manipulate and disrupt these vital systems.⁶

Potential areas of risk

According to a recent Censuswide survey, a substantial number of respondents from the manufacturing and engineering sector confirmed that they’d evaluated their cybersecurity controls in 2022.

Interestingly, nearly a third of businesses in this sector (31%) expressed intentions to review their cybersecurity controls in the coming year to address concerns. This suggests a heightened awareness of the risks associated with neglecting cybersecurity reviews, especially compared to other businesses.⁷

Potential cyber risks for manufacturing include:

Exploiting vulnerable technology

• Insecure passwords.
• Weak firewalls that enable cyber-criminals to infiltrate ICS networks and breach corporate systems, including financial, procurement, and maintenance systems.
• Integrating outdated or standalone control systems into the wider network exposes their absence of security protocols.
• Linking the ICS system and the internet of things (IoT) devices to the broader internet uncovers potential vulnerabilities.

Social engineering

• Users being deceived into downloading infected files onto a computer linked to the ICS system, either via a link or a malicious email attachment, which can subsequently spread to other systems.

Communication

• Connecting an IoT device to networks without authentication.
• Non-encrypted communication.

System updates

• Irregular software updates and patch management, requiring a balance between cybersecurity and operational needs.

How to avert a manufacturing cyberattack 

• Evaluate security measures and consider upgrading to more robust system versions.
• Regularly refresh and enforce strong passwords.
• Implement multi-factor authentication (MFA) for network access and minimise the number of privileged accounts.
• Delineate the connectivity of ICS networks with non-ICS networks and domains, such as corporate systems and the internet.
• Prioritise cybersecurity assessments during ICS system implementation, ensuring thorough testing of security controls and incorporating network monitoring.
• Examine cyber risk profiles of critical suppliers and identify key customers, establishing contingency plans to mitigate reputation damage after a cyberattack.
• Equip your personnel with cybersecurity training and put together annual incident response strategies.