The Security Detail Download: Cyber Threats to the Manufacturing Sector

The Security Detail is a podcast series facilitated and hosted by SURGe, Splunk’s strategic security research team.

Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the cyber threat landscape across different industries.

Episode three features an interview with Tim Chase, Program Director at the Global Resilience Federation (GRF). The GRF created the Manufacturing ISAC in March of 2022. Chase has worked across various critical infrastructure sectors in several information sharing communities. He currently leads the MFG-ISAC and shared some of the top cyber threats for the industry.

Read more for a few key takeaways from the interview, or download the full episode.

1. Manufacturing is a top target for ransomware attacks due to its payment capacity and inadequate IT security.

Chase says ransomware attacks on manufacturing companies have increased exponentially year-over-year, making manufacturing one of the most targeted industries.

“If you look at the companies that are most targeted, they're large enough to pay a ransom, but they’re small enough not to have really exquisite enterprise-level IT and security solutions,” Chase said, calling the manufacturing sector a “sweet spot” for ransomware activity.

The constraints of just-in-time deliveries and operational dependencies also make manufacturing organizations more likely to pay ransoms.

2. Patch management and securing IoT devices pose significant challenges for manufacturers.

Chase explained that manufacturers face difficulties in patch management, particularly when dealing with operational technology (OT) systems. Many manufacturers have adopted IoT technology, which expands their attack surface and introduces security vulnerabilities.

“The manufacturing industry is quite varied in terms of what protocols they're running. So on one hand, you might have industries that are running full SCADA systems. But oftentimes, a lot of the manufacturers are kind of like OT-light. It's kind of like industrial IoT or IoT,” Chase said.

The fast-paced deployment of IoT devices often outpaces the development of effective security measures, and the lack of network segmentation between front-office and shop-floor environments further complicates security.

3. The skills gap in cybersecurity and supply chain risks are major concerns for the manufacturing industry.

Manufacturing companies struggle to address the skills gap in cybersecurity, particularly in areas where real estate costs are lower. “You're trying to hire people predominantly from coast jobs with those high salaries and asking them to move to Paducah, Kentucky, or something. And that makes it even more challenging,” Chase said.

Additionally, manufacturers recognize the importance of addressing supply chain risks, as they often serve as both consumers and suppliers in complex supply chains.

Listen to the full interview to hear Chase’s thoughts about common attack vectors in the industry, his take on the role of generative artificial intelligence in network defense, and the services MFG-ISAC provides. To learn more about The Security Detail podcast and listen to more episodes, visit thesecuritydetail.podbean.com.