Key Takeaways 

  • The manufacturing sector faces increasing cyber threats due to Industry 4.0. 
  • Recent cyber incidents highlight the need for robust cybersecurity measures. 
  • Honeypots and honeytokens are effective tools for detecting and mitigating cyber threats. 

Understanding the Cybersecurity Landscape in Manufacturing

For the third year in a row, the manufacturing sector represented 25.7% of cyberattacks among the top ten industries. With Industry 4.0, combining operational technology (OT) and information technology (IT) has created new cyber threat opportunities. 

The recent rise in cyberattacks on manufacturers emphasizes the need for strong cybersecurity measures. In our experience, manufacturers lag behind industries like healthcare in setting up and integrating cybersecurity controls, making them easier targets for attackers. 

Recent Cybersecurity Events in Manufacturing 

The manufacturing industry has seen a sharp increase in cyber incidents over the past year. One major event was when attackers targeted a leading automotive manufacturer, stealing sensitive data and disrupting production lines due to a ransomware attack.  

Another significant incident involved a breach at a pharmaceutical manufacturer, leaking proprietary formulas and patient data. This breach raised concerns about patient privacy and corporate espionage. 

Manufacturers with reported incidents within the past year include: 

  1. Brunswick Corporation – Experienced a cyberattack in June 2023, disrupting operations and costing $85 million. 
  2. Applied Materials – Impacted by a supply-chain ransomware attack in 2023, with an estimated $250 million loss.  
  3. Western Digital – Suffered a significant breach in March 2023, with over 10 terabytes of data stolen.   

Challenges Faced by Manufacturers 

Manufacturers face unique cybersecurity challenges due to the integration of OT and IT systems, which increases the attack surface for cybercriminals. The need for skilled cybersecurity professionals and structured security processes exacerbates the problem. 

Strategies for Enhancing Cybersecurity Program Effectiveness

To combat these challenges, manufacturers must adopt a multi-faceted approach to cybersecurity governance. A good program governance approach includes:   

  • Establishing Cybersecurity Governance Charter. 
  • Cybersecurity Oversight Committee. 
  • Aligning To and Adopting a Cybersecurity Framework, such as the NIST CSF- Manufacturing Profile. 
  • A Multi-Year Strategic Roadmap. 
  • Annual Tactical Plans. 
  • Cybersecurity Policies and Standards. 
  • Technology Investment Prioritization Strategy. 
  • Program Measurement and Monitoring Plan. 
  • Fostering a culture of security awareness among employees. 

One effective strategy is to improve visibility into OT assets. By maintaining accurate inventories of technology assets and associated risks, manufacturers can then apply protective controls for those assets. Additionally, it’s essential to conduct focused risk assessments and implement priority-based improvements.  

Another important step is aligning business goals with cybersecurity efforts. By integrating these two areas, security becomes a key part of operational decision-making, not just an afterthought. 

The Role of Collaboration

Collaboration between manufacturers and cybersecurity experts is crucial. Sharing knowledge and best practices helps the industry stay ahead of threats and build stronger security frameworks. Key organizations include: 

  • Manufacturing ISAC (MFG-ISAC): Allows manufacturers to share threat intelligence and collaborate on cybersecurity issues. 
  • Cybersecurity Manufacturing Innovation Institute (CyManII): Addresses cybersecurity challenges through collaboration and innovation. 
  • NIST Manufacturing Extension Partnership (MEP): Provides guidance on cybersecurity best practices, including the NIST Cybersecurity Framework. 
  • U.S. Department of Homeland Security (DHS): Works with manufacturers through initiatives like the National Cybersecurity and Communications Integration Center (NCCIC). 
  • Cybersecurity and Infrastructure Security Agency (CISA): Offers resources and facilitates information sharing. 
  • Automotive Information Sharing and Analysis Center (Auto-ISAC): Shares valuable information for the automotive sector. 
  • National Association of Defense Manufacturers (NAM): Engages in cybersecurity initiatives and provides a platform for information sharing. 
  • National Defense Industrial Association (NDIA): Focuses on the defense manufacturing sector and facilitates information sharing among defense contractors. 

How Honeypots and Honeytokens Can Help Manufacturers

Honeypots are cybersecurity mechanisms that act as decoys, luring cybercriminals away from legitimate targets. Consider them lures or traps for human threat actors and malicious software, including ransomware.

  • Honeypots look like real systems, networks, or services to attract and detect attackers, giving a broad view of malicious activity. 
  • Honeytokens are fake data pieces that trigger alerts when accessed, helping identify and track malicious actors. They can be files, web links, documents, or QR codes. 

Honeypot and Honeytoken Roles in Manufacturing 

Manufacturing organizations are increasingly adopting technologies like IoT and automation, which expand their attack surface. Honeypots and honeytokens help protect digital assets by diverting attackers and gathering intelligence on their methods. 

Benefits of Using Honeypots: 

  • Distract cybercriminals from actual targets, reducing the risk of a successful breach. 
  • Collect valuable information about the tactics, techniques, and procedures of attackers, which can inform better defense strategies. 

Advantages of Honeytokens: 

  • Monitor for unauthorized access within the manufacturing organization’s digital environment. 
  • Act as tripwires to identify both external and internal threats, signaling a security breach. 

Impact on Cybersecurity Events 

Using honeypots and honeytokens allows manufacturing organizations to detect threats earlier and respond more effectively, reducing the impact of cybersecurity incidents. The information gathered from these tools can help create better security measures. 

Strategic Implementation 

For maximum effectiveness, honeypots and honeytokens should be strategically placed to look like real, valuable assets. Regular analysis of the data collected from these tools is essential. 

Challenges and Considerations 

Honeypots and honeytokens are useful, but they should be part of a larger cybersecurity plan. This plan should include regular updates, employee training, and strong incident response strategies. Organizations must ensure that deploying these tools does not introduce new vulnerabilities or legal issues. 

Legal Considerations 

Deploying honeypots and honeytokens requires careful consideration of legal issues, including authorization for deployment and privacy laws. Data must be handled securely, and policies for deployment should be reviewed and approved by internal stakeholders, including legal counsel. 

Building a Resilient Cybersecurity Foundation for Manufacturing

LBMC’s cybersecurity services are tailored to the specific challenges of the manufacturing sector. Combining OT and IT makes manufacturers particularly vulnerable to cyber threats. For further reading on the challenges and strategies for secure manufacturing, the World Economic Forum discusses the role of cybersecurity in advanced manufacturing resilience.  

At LBMC, we offer solutions like honeypots and honeytokens to identify and reduce risks. Our team ensures that your operations, intellectual property, and customer data remain secure. Partner with us to stay ahead of cyber threats and build a resilient cybersecurity foundation for your manufacturing business. 

Content provided by Adam Nunn.  

Adam Nunn is a Senior Manager in LBMC’s Cybersecurity division with extensive experience leading teams to enhance compliance and security. He transforms cybersecurity postures from reactive to proactive, aligning organizations with national and international security frameworks. As a respected advisor, Adam builds trust and fosters collaboration across all levels.