Cybersecurity

CISA Warns of Increasing Cyber Risk in Manufacturing Sector

The Cybersecurity and Infrastructure Security Agency has warned manufacturing organizations that they are more likely to be targeted by hackers during the pandemic.

In a new CISA Insights report, the agency said that critical industrial control systems in the sector are especially vulnerable due to their increasing shift to remote-based management.

The industry’s reaction to the coronavirus pandemic also expanded organizations’ attack surfaces, reduced network segmentation and loosened defenses against unauthorized access, CISA said.

Another major factor of the increased cyber risk is the manufacturing sector‘s adoption of robotic process automation technologies in production facilities, the agency said.

CISA noted that the rise in RPA adoption was caused by restrictions to the number of on-site workers allowed during the pandemic. The agency added that the lack of workers qualified to operate RPA systems is opening up new security vulnerabilities.

CISA said that cyberattacks against manufacturing sector infrastructure will continue to get worse if current trends hold up. Successful attacks could lead to significant production loss and downtime, as well as financial losses due to lost revenues and penalties for production delays, the agency added.

The agency said that addressing the problem “requires a long-term and multi-faceted approach.” For instance, manufacturing organizations should consider developing the cybersecurity skills and operational knowledge of employees in their shop floor environment, CISA said.

The agency also recommended that organizations cultivate partnerships between production staffers and cybersecurity analysts as needed based on their risk tolerance. CISA added that security teams should work to improve analysts’ ability to monitor manufacturing environments.