3 Ways to Keep Your Manufacturing Operation Resilient Against Cyberattacks

As the manufacturing industry continues to embrace automation, connectivity, and smart systems, it also becomes a prime target for cyberattacks. Manufacturers are under pressure to continue innovation while simultaneously securing against their ever-increasing vulnerability.  

The recent wave of cyber threats, including the looming possibility of halted operations like Norwegian manufacturer Tomra has faced, underscores the need for manufacturing companies to fortify their cyber defenses and cultivate resilience in the face of inevitable breaches and ransomware attacks.  

Learn more about challenges facing manufacturers in our industry brief.

The manufacturing industry's cyberattack threat

Manufacturing is no stranger to the havoc breaches can wreak. Take, for instance, the recent cyberattack on Tomra. The Norwegian company manufactures waste collection and sorting products and operates 100,000 recycling systems worldwide. In July, they discovered that some data systems were impacted by a cyberattack, causing the organization to immediately disconnect some systems to contain the incident. They announced that they would keep all impacted systems offline until the attack is resolved.  

While the news is unfortunate, it’s not surprising that a manufacturer would be impacted by a cyberattack. Manufacturers are attractive targets for attacks due to the catastrophic losses they can incur if their production, shipping, and invoicing processes are disrupted. Threat actors know that they can easily disrupt operations, steal data, and cause harm to the business.  

The incident at Tomra also highlights a common challenge faced by manufacturers — protecting legacy equipment. Systems and machines, varying in age and capabilities, constitute a complex ecosystem that can be difficult to secure uniformly. Many manufacturers are still using equipment running on software that is no longer getting security updates, at end-of-life (EOL), or using out-of-date security measures.  

In the wake of the attack, Tomra faces the formidable task of identifying infected systems, isolating them from clean ones, and expediting recovery. The urgency of the situation was compounded by the potential persistence of attackers within the environment, the need to take systems offline, and the continued standstill of operations during restoration.

Why manufacturing needs breach containment

As cyberattacks become more sophisticated, traditional network-based security approaches are insufficient to prevent the spread of an attack. Manufacturers need to adopt a Zero Trust approach focused on protecting the individual asset, assuming breaches are inevitable, and containing breaches when they do happen. This means building least-privilege access based on verified identity so that only verified communications are allowed on an asset-by-asset basis.  

A Zero Trust technology like microsegmentation separates the network into granular zones to contain the spread of ransomware attacks and breaches. In fact, ZTS is a foundational and strategic pillar of any Zero Trust architecture.

3 tips to strengthen defenses and build resilience in the face of cyberattacks

As the threat landscape evolves, so must manufacturers’ cybersecurity strategies. Relying solely on traditional network-based security measures is no longer sufficient. To bolster resilience and enhance cyber defenses, manufacturers need to embrace a Zero Trust security strategy that revolves around a “never trust, always verify” approach.  

Here are three tips to fortify your manufacturing resilience against cyberattacks:

1. Embrace an "assume breach" mindset

The inevitability of breaches demands a shift in perspective. Rather than fixating solely on prevention, manufacturers should expect breaches to happen as a normal part of today’s threat landscape. The goal is not to avert every potential breach but to minimize the impact of such incidents. By acknowledging that breaches may occur and focusing on mitigating their effects, companies can proactively develop strategies that enhance their ability to withstand attacks. The emphasis shifts from averting catastrophe to containing and managing incidents effectively.

2. Plan for resilience, not just prevention

Traditional approaches to cybersecurity often prioritize prevention and detection technologies that aim to identify and stop every potential threat. However, the landscape has evolved – modern cyber threats, including new AI-generated attacks, are able to enter the network spread so quickly that prevention and detection technologies can’t mitigate them fast enough. While these technologies are an important part of any cybersecurity strategy, they’re not enough to secure against today’s disruptive, and potentially catastrophic, breaches.

That’s why it’s important for manufacturing organizations to invest in technologies that prevent an attack reaching critical infrastructure. A prime example is the adoption of Zero Trust Segmentation (ZTS). This approach stops the spread of breaches by containing them at source. This requires an approach that is flexible and agile, unlike traditional, static, network-based firewalls. By isolating affected segments, manufacturers gain greater control over the situation, facilitating faster remediation and minimizing operational disruptions.

3. Implement a Zero Trust strategy

At the heart of modern manufacturing resilience lies a Zero Trust strategy. This approach operates on the premise of "never trust, always verify." It involves continuously verifying, authenticating, and authorizing every user seeking network access, whether from within or outside the organization, to ensure that only validated communications are permitted. By identifying the most vulnerable points in the network and prioritizing defense measures accordingly, manufacturers can create robust barriers around high-value applications and data. Restricting access to critical components minimizes the attack surface and enhances overall security.

The Tomra cyberattack serves as a reminder to the manufacturing industry of the urgency to fortify cyber defenses and embrace resilience as a core tenet. The path to a secure and thriving future for your organization lies in proactive preparation and adaptable strategies.

Learn more about how Illumio can help secure your manufacturing organization here.