Manufacturers increasingly wary of nation state threats, survey reveals

Outdated and unsupported legacy operational technologies (OT) are exposing substantial vulnerabilities for UK manufacturers facing escalating threats from nation-state attacks, BlackBerry’s Manufacturing Cybersecurity Study warns.

A cyber attack can be particularly catastrophic for the manufacturing industry
A cyber attack can be particularly catastrophic for the manufacturing industry - AdobeStock

The survey of 1,500 manufacturing IT decision makers across North America, UK, Germany, Japan, and Australia revealed that while 41 per cent anticipate an elevated risk of cyberattack in 2023, three-quarters of respondents fear nation-state attacks on the sector and 65 per cent are concerned about foreign governments spying on their facilities. At the same time, 68 per cent say OT infrastructure is difficult to defend and 86 per cent admit to running core functions on outdated and unsupported legacy operating systems.

In a statement, Shishir Singh, CTO, Cybersecurity at BlackBerry, said: “Global manufacturers are headed for stormy waters as nation states up the ante on surveillance and the risk of a cyber incident is high – and rising – yet the industry is hampered by a threat surface that is largely antiquated and difficult to defend. Over the last year, three cybersecurity trends significantly impacted OT and IoT infrastructure: ransomware attacks, phishing attacks, and third-party software vulnerabilities.”

MORE FROM MANUFACTURING

Singh continued: “Cybersecurity has become a significant barrier to progress, and managers shackled by ageing hardware and outdated operating systems are challenged to unify security across old and new to forge ahead with modernisation. With aged and isolated equipment, the truth is that it is difficult to put protection into these environments but not impossible.”

BlackBerry’s research found IT decision-makers concerned with malicious malware attacks (56 per cent), followed by phishing attacks (49 per cent) and unauthorised access by non-malicious insiders (45 per cent).

The research also showed that 65 per cent of manufacturing IT decision-makers believe the cost of a cyber breach to be $250,000 or less.

Almost half (47 per cent) of respondents estimate that business downtime would account for just one-tenth of that cost, while 63 per cent point to cyber incidents resulting in a loss of customers or impacting supplier relationships (59 per cent).

With unplanned downtime costs soaring due to global inflation and production lines running at a higher capacity, this contrasts with a recent report estimating the true average cost of a data breach in the industrial sector to be higher at $4.24m.