Trevor Dearing, Director of Critical Infrastructure Solutions, Illumio

For three years running, manufacturing has been a top-attacked industry, according to the IBM X-Force Threat Intelligence Index 2024.

Attackers see manufacturers as an increasingly attractive target. Smart factories open new attack vectors, and as new industrial control systems (ICS) become more connected, the opportunity for malware to spread grows.

This is placing increasing pressure on manufacturers to make their operations resilient enough to withstand attacks, with the 2024 World Economic Forum Global Cybersecurity Outlook revealing that operational disruption is the greatest cybersecurity concern for almost half (45%) of leaders.

Here I will discuss how Industry 4.0 is changing manufacturing cybersecurity and why deploying a Zero Trust approach can help protect against vulnerabilities from smart factories and ICS. 

The benefits and challenges of Industry 4.0

Industry 4.0 has revolutionised manufacturing through automation and connectivity. Now, enterprise resource planning (ERP) systems handle everything from taking orders to overseeing production.

New ICS technology provides more data and control by using smarter applications built on standard platforms which in turn extends the operational life of the systems.

Because of Industry 4.0, manufacturers are improving how well their supply chains work. But this also means their systems are more connected and vulnerable to cyber threats. These threats can target ICSs and cause serious problems.

New ICS environments more at risk than ever

In the past, ICS attacks were mostly simple malware and known weaknesses. But with smarter systems now available, attackers have more opportunities. These new systems connect and communicate in complex ways that leave security gaps and blind spots.

They also connect to the internet which opens even more ways for attackers to breach and exploit systems.

These changes have led to more sophisticated attacks such as zero-day exploits and targeted hacks. There’s also more use of social engineering to gain access to critical systems. Now, attackers can find and use weaknesses faster and often go undetected longer. This makes it easier than ever to carry out attacks on manufacturing operations.

The most common cyber threats to manufacturing

Cyberattacks can do more damage than just halting production lines. Manufacturers are also seeing several other effects of breaches and ransomware attacks. The five most common attacks we see are:

1. Stolen intellectual property: Manufacturers spend a lot of time and money on research and development (R&D) to stay innovative and keep ahead of their competitors. Many recent breaches in manufacturing have led to the theft of patents, designs, formulas, manufacturing processes.
2. Stolen data: Besides R&D, manufacturers also often have sensitive information about customers, vendors, and employees. When this data is breached, they can face legal problems, fines, and a loss of trust from their customers and partners.
3. Damaged physical assets: Attacks on ICSs and operational technology (OT) can cause physical damage to machines and equipment and cause periods of downtime. Attackers can manipulate ICSs to operate machinery in dangerous ways. This can lead to equipment failure, the destruction of goods or even endangering human life.
4. Compliance violations and legal consequences: Manufacturers in regulated industries can face more problems from cyberattacks due to compliance issues. If a cyberattack happens and data is not protected, companies can face large fines, legal trouble, and more attention from regulatory groups.
5. Compromised supply chain: Attackers are increasingly targeting manufacturers to get into larger supply chains. Hacking one manufacturer can give attackers access to the systems of connected suppliers, partners, and customers. This can damage business relationships and cause loss of business.

 Secure manufacturing operations with a Zero Trust approach

Securing ICS environments requires a comprehensive, risk-based approach. To secure these environments, manufacturers need to move from traditional network security approaches to protecting individual assets and applications.

This approach establishes communication and security rules per system and makes decisions based on risk.

The Zero Trust security model, supported by NIST and used by top manufacturers, makes changes to the traditional way of protecting manufacturing networks. Zero Trust is a cybersecurity model that assumes no part of the network is inherently trustworthy – “never trust, always verify.” Nothing is trusted by default which makes it harder for attackers to get in and spread inside the network.

Central to a Zero Trust strategy is Zero Trust Segmentation (ZTS), segmentation that uses the principles of Zero Trust. With ZTS, manufacturers can get a clear view of network traffic, enforce security rules, and quickly contain threats.

Many attacks in manufacturing rely on being able to reach the target assets from the initial point of entry. Industry 4.0 is making systems so interconnected that the traditional trust-based model no longer applies. Manufacturers must adopt a Zero Trust security model to protect modern industrial control systems.