Why the Holiday Shopping Season May Rely on Securing the Manufacturing Industry

Investments in cybersecurity usually fail to match those made in inventory, logistics and production technology.


This time each year, retailers and manufacturers are busy preparing for the chaotic but all-important holiday shopping season. Inventory and shipping confidence is often top of mind, especially with the continuous supply chain challenges over the past few years and most recently the International Longshoremen’s Association (ILA) strike threatening significant delays.

But there’s an additional priority that should rank right up with these other pressing issues – securing the manufacturing supply chain from disruptive cyber attacks.

Thanks to unprecedented demand, an increased number of connected devices, and a rise in popularity among financially motivated hackers, the industry must be prepared to mitigate evolving cybersecurity challenges.

This year, the U.S. holiday shopping spend is expected to increase by seven percent compared to 2023 as consumers embrace both digital and traditional in-store experiences. To meet consumer demand, organizations are steadily increasing their investment in technology to manage inventory, logistics, and production. Unfortunately, more investment in IT doesn’t always mean a proportional investment in cybersecurity.

Manufacturing Tops Hackers’ Wishlists 

Retailers concerned with inventory and production are incredibly dependent on manufacturers during peak shopping times. The pressure and reliance placed on manufacturing plants make them a prime target for opportunistic hackers. Low cyber resilience and an even lower tolerance for disruption are a near guarantee that cyber criminals can cash out on a ransom. In fact, manufacturing is the industry most affected by disclosed vulnerabilities – more than four times the next highest sector, energy.

When breaking down the attacks on manufacturing, social engineering tops the list. This involves text/SMS phishing, fake phone calls, impersonations and video phishing, or even a combination of these tactics, to trick people into providing hackers with information, such as credentials, that allows them to access systems. Last year, the Verizon Data Breach Investigations Report (DBIR) found that almost a quarter (23 percent) of all breaches in the manufacturing sector involved social engineering attacks. And it remains one of the top causes of breaches this year.

With a simple social engineering attack, threat actors can infiltrate systems to deploy ransomware or even change controls and industrial processes that can lead to major disruptions. However prevalent social engineering attacks may be, they are simply one of many successful tactics that threat actors use to access critical systems. Therefore, it is important for IT and security teams to understand all of the potential threats to their environment, as well as how to prevent and mitigate them. 

A Foggy IT/OT Environment

Manufacturers are also faced with a complex technology landscape, which further complicates cybersecurity. Today’s shopping experience is a good example of how digitization has a downstream impact on suppliers.

As consumers drive the need for a convenient and seamless shopping experience, the entire supply chain, from purchase to production, has adopted new technologies to fulfill their needs. As a result, Internet of Things (IoT) devices and ecommerce have simultaneously enhanced the consumer experience and increased the level of risk for disruption, especially for the manufacturing facilities retailers work closely with to produce the goods being sold.

As more devices become interconnected, IT considerations – and ultimately attacks – have a tremendous impact on the operational technology (OT) that manufacturers, and subsequently retailers, rely on. OT networks contain hundreds, or even thousands, of connected devices, many of which come with security challenges. Identifying and prioritizing critical vulnerabilities in OT and IoT devices is an important component of any risk management process, which should be frequent and ongoing. One weak link across the entire IT and OT environment could cause catastrophic disruption.

Having visibility into your IoT and OT assets is even more important during times when business operations are sensitive to downtime, such as during the peak holiday shopping season. 

Reducing Risk is a Collective Effort

It is crucial that security teams within manufacturing organizations are aware of these trends so they can conduct proper internal risk assessments while properly training employees – as they are often the victims of social engineering. Plant, factory, and process floor workers should be aware of how social engineering attacks are often conducted and when and how to report suspicious activity to address potential issues or incidents quickly. Most importantly though, employees need to understand that their own information is just as enticing to a potential adversary as intellectual property or sensitive business information.

Working across the entire corporate ecosystem is a recipe for security success. In addition to training employees on social engineering and other cybersecurity best practices, collaboration across OT engineering and security operations (SecOps) teams helps minimize risks. OT operators and cybersecurity teams both require real-time visibility into the network, an updated view of devices, and continuous monitoring and threat intelligence to detect cyberthreats and process potential issues before they cause a problem.

Together, their coordination and collaboration ensure this critical infrastructure is protected so packages are processed and delivered on time, all while improving cyber resilience.

It is well-understood why so many resources are allocated to keeping business operations up and running. Bottom lines and reputations are on the line for suppliers. Cyber resilience should, therefore, be of the utmost concern for the entire organization – not just security teams. It’s a win-win: reducing the risk of cyber threats also minimizes risk of downtime or disruption. With the appropriate resources and collaboration, manufacturers can ensure retailers and holiday shoppers are delighted by timely deliveries this season. 

Andrea Carcano is the co-founder of OT cybersecurity leader Nozomi Networks.   
