Securing IT Infrastructure in the Manufacturing Industry: Mitigating Unique Threats and Ensuring Business Continuity

APRIL 25TH, 2024
Aftab Alam
Executive Vice President, Product Management

Sophos' The State of Ransomware in Manufacturing 2023 found that more than half of manufacturing organizations had been hit in the previous year. Even worse, the rate of encryption had reached its highest level in three years, with 68 percent of the attacks resulting in data encryption, while only 27 percent of manufacturing organizations were able to stop ransomware attacks before their data was encrypted.

Understanding the Manufacturing Threat Landscape

The growing presence of Internet of Things (IoT) devices across the manufacturing sector has opened a new front in the fight against ransomware. Statista says there were 112 million IoT cyberattacks worldwide in 2022, and with advances in AI, there will undoubtedly be more in the future. 

This increased reliance on IoT devices to monitor and control industrial operations has dramatically expanded your manufacturing organization’s attack surfaces. Here are some of today’s most prevalent threats:

Common IoT Attack Vectors

Integrating IoT devices into manufacturing processes increases efficiency and helps automate production. However, these devices often lack robust security measures, making them easy targets for cybercriminals. Attackers can exploit weak default passwords, unpatched firmware vulnerabilities, and unsecured network connections to gain unauthorized access. Once they get past your defenses, they can use malware to take control of devices, disrupt your operations, or move laterally across your network.

Common types of malware that target IoT devices include Mirai and Bashlite. These malware programs create botnets by taking control of many infected devices to launch distributed denial-of-service (DDoS) attacks or other malicious activities.

Mirai typically infects devices by scanning the internet for IoT devices protected by factory default or hard-coded usernames and passwords. Once it infects a device, Mirai turns it into a bot that can launch massive DDoS attacks or other malicious actions.

Like Mirai, Bashlite exploits weak authentication in IoT devices to take control. After hackers gain access, Bashlite infects the devices with malware that lets attackers control them remotely. Once they have control, they can use these devices to launch DDoS attacks or send spam or phishing emails.

Ransomware is another threat that can stop production lines by blocking access to critical data. The downtime and dollar cost from this attack vector can be devastating, and if critical manufacturing control systems are affected, potential safety risks can result.

Manufacturing Cybersecurity: Defending IoT Devices Against Ransomware

There are some basic cybersecurity and data protection defenses that IT pros in the manufacturing sector must deploy to protect IoT devices, including:

• Conduct a thorough risk assessment that identifies which systems and data are critical to your operations and could be targeted by cyberattacks.

• Change default credentials—usernames and passwords—using strong, unique passwords and implement multi-factor authentication (MFA) to keep unauthorized users out.

• Regularly update firmware and apply patches to IoT devices as soon as they are available to fix known vulnerabilities.

• Segment your networks to isolate those that manage production operations and support IoT devices from those used to handle administrative tasks, limiting the spread of potential attacks.

• Monitor network traffic using intrusion detection systems (IDS) to detect unusual activity that could indicate a breach.

• Use robust encryption algorithms for IoT data in transit and at rest.

• Follow IoT device security best practices, including employing centralized device management platforms to track all IoT devices and manage their security settings from a single access point.

• Physically secure access to IoT devices to prevent unauthorized tampering.

• Conduct regular security audits of IoT devices and systems to identify and close security gaps.

• Deploy advanced malware and ransomware protection, like Intercept X Advanced, from Arcserve partner Sophos. Intercept X takes a comprehensive approach to endpoint protection without relying on one security technique. The solution reduces your attack surface and blocks common attack vectors. AI, deep learning, behavioral analysis, anti-ransomware, anti-exploitation, and other state-of-the-art technologies stop threats fast before they escalate.
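
As an added example (not part of the original article and not code from any Arcserve or Sophos product), the Python code below applies the segmentation and traffic-monitoring items from the list above to constructed flow records: it flags production-segment hosts that reach the administrative segment, and hosts that contact many distinct destinations on Telnet ports, the fan-out pattern an infected Mirai-style bot produces when it scans for more devices. The subnets, thresholds, record format, and sample data are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumed addressing plan and thresholds (constructed for this example).
PRODUCTION_NET = ipaddress.ip_network("10.20.0.0/16")  # production / IoT segment
ADMIN_NET = ipaddress.ip_network("10.10.0.0/16")       # administrative segment
TELNET_PORTS = {23, 2323}   # Telnet ports that Mirai-style scanners probe
FANOUT_THRESHOLD = 5        # distinct destinations per window before alerting
WINDOW_SECONDS = 60         # fixed (tumbling) window size

# Constructed flow records: "epoch_seconds src_ip dst_ip dst_port"
SAMPLE_FLOWS = """\
1000 10.20.1.15 10.20.1.1 502
1005 10.20.1.15 10.20.1.1 23
1020 10.20.3.40 198.51.100.7 23
1021 10.20.3.40 198.51.100.8 2323
1022 10.20.3.40 203.0.113.20 23
1023 10.20.3.40 203.0.113.21 23
1024 10.20.3.40 192.0.2.99 2323
1030 10.20.2.7 10.10.0.5 445
"""

def parse_flows(text):
    """Yield (timestamp, src, dst, dst_port) from whitespace-separated records."""
    for line in text.splitlines():
        if line.strip():
            ts, src, dst, port = line.split()
            yield int(ts), ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)

def analyze(text):
    """Return a list of (kind, source, detail) alerts in the order they fire."""
    alerts = []
    telnet_targets = defaultdict(set)   # (src, window index) -> destinations seen
    flagged = set()                     # sources already reported for fan-out
    for ts, src, dst, port in parse_flows(text):
        if src in PRODUCTION_NET and dst in ADMIN_NET:
            alerts.append(("segment-violation", str(src), f"{dst}:{port}"))
        if src in PRODUCTION_NET and port in TELNET_PORTS:
            key = (src, ts // WINDOW_SECONDS)
            telnet_targets[key].add(dst)
            if len(telnet_targets[key]) >= FANOUT_THRESHOLD and src not in flagged:
                flagged.add(src)
                alerts.append(("telnet-fanout", str(src), f"{len(telnet_targets[key])} hosts in {WINDOW_SECONDS}s"))
    return alerts

if __name__ == "__main__":
    for alert in analyze(SAMPLE_FLOWS):
        print(alert)
```

A single Telnet session to one local device, like the second sample record, stays below the threshold and raises no alert; tune the threshold and window to the traffic your production segment normally generates.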

Backup and Disaster Recovery in Manufacturing

Whether malware gets in via your IoT devices or a successful phishing exploit, backing up your data and deploying an effective disaster recovery solution is vital. 

Arcserve Unified Data Protection (UDP), which features Sophos Intercept X Advanced, is a good fit for mid-size manufacturing enterprises looking for an effective, comprehensive cloud data protection solution that isn’t complex. Arcserve UDP protects against data loss and extended downtime across your cloud, virtual, hyperconverged, and SaaS-based workloads. 

That flexibility ensures you’re covered across your infrastructure, with immutable storage for your data backups on-premises or in the cloud and support for physical and logical air-gapping. Arcserve UDP scales both vertically and horizontally, so you can add capacity and throughput. You can also validate your RTOs, RPOs, and SLAs with built-in Assured Recovery testing so you can be confident of business continuity.

The solution is also highly cost-effective: built-in global, source-side deduplication and compression reduce storage requirements by up to 20x, addressing a common problem with the massive amount of data generated by IoT devices in manufacturing environments.

Most importantly, you can count on recovering your data and getting back up and running quickly with Arcserve UDP.

Read this case study to learn how one manufacturer, working with Arcserve partner Gerab, deployed Arcserve 9000 Series Appliances to protect 45 physical servers and 100 virtual machines (VMs) while streamlining its IT environment.

Final Thoughts

Manufacturing environments are often complex, but data protection doesn’t have to be. Get expert help from an Arcserve Technology Partner to implement the best solution for your organization. 

To learn more about Arcserve UDP, read the datasheet or request a demo.