New and evolving technologies, such as fully integrated enterprise resource planning systems, connected machine sensor networks, remote access, and Industrial Internet of Things (IIoT) connectivity are improving manufacturers’ efficiency. However, these technologies also create vulnerability to cyberattacks and the manufacturing industry has been increasingly targeted.
According to a security firm NTT's 2021 Global Threat Intelligence Report, cyberattacks on manufacturers increased by more than 300%, totaling 22% of all attacks across all sectors, up from 7% the previous year in 2020. Subsequent NTT reports found that manufacturing remains a top three target for cybercriminals.
Contract manufacturers (CMs) are not immune to these challenges. According to a Manufacturing Dive article, CMs face unique cybersecurity threats often involving the risk of fraud from hackers and attacks from nation states.
Threats can come from the vulnerabilities of the brands and consumer packaged goods companies CMs work with. Dynamic Blending, a CM for the personal care, cosmetic, and nutraceutical industries, addresses these challenges by educating employees and clients about phishing attacks, testing through faux cyber-attack launches, and explaining what would and would not be asked of the client or employee.
Another vulnerability is that older machines designed for internet or cloud connection may contain security flaws. If an older machine needs to be connected, manufacturers should create a secured network. The same applies to old software.
Prevent ransomware and malware attacks through two-factor authentication, VPNs for remote employees, and education about the risks of unsecured, public Wi-Fi networks and unfamiliar USB drives. Dynamic Blending locked USB functions so they couldn’t introduce threats to the system, or be used to take IP or other critical information out, according to the article.
Other preventative measures include protected file sharing, air gapping data on different hard drives, and operating on a “zero trust” basis, which means limiting the number of people who can reach certain parts of company infrastructure and needing two authenticated peers to sign off on critical actions.
For additional resources, check out, “Cybersecurity: Assess Your Risk,” a white paper from PMMI, The Association for Packaging and Processing Technologies:.
|How CM/CP Entities Get Noticed|