How manufacturing cyber risks threaten critical infrastructure. By Javvad Malik 

Manufacturing isn’t a lonely factory sitting in the middle of nowhere, churning out widgets in isolation. It’s more like the world’s busiest airport terminal, with connections flying everywhere: energy, transport, tech, you name it. Think of it as the Kevin Bacon of industrial sectors – connected to pretty much everything through six degrees of supply chain. This interconnectivity is something that was noted in a recent report from KnowBe4. 

However, the alarming truth is that manufacturing is not just the target, even though it has remained the most targeted industry for cyberattacks for four consecutive years, accounting for 26 percent of all reported incidents across sectors. There is the potential for threat actors to use manufacturing as a soft entry point, making it a conduit capable of carrying cyber threats into critical national infrastructure (CNI). 

A shared vulnerability across sectors 

Digital transformation in manufacturing, otherwise known as Industry 4.0, has created enormous improvements in efficiency and automation, with manufacturers now relying heavily on third-party software, cloud platforms, and automated logistics systems to keep operations running. 

But here’s the catch: everyone’s using the same technology. A bit like discovering your local corner shop and nuclear power plant both use the same password manager. Energy companies, power plants, and grid operators are all running on the same control systems, buying from the same suppliers, and using the same cloud services as manufacturers. 

This can create a shared vulnerability. A cyberattack on a manufacturing environment can quickly spread or be used to target energy infrastructure, potentially causing far greater damage. 

The SolarWinds effect 

The 2020 SolarWinds breach starkly illustrated the risk posed by software supply chains. Attackers, identified by Microsoft as a group known as Nobelium, inserted malicious code into an update of SolarWinds’ Orion IT management software. This ‘trojanized’ update was installed by 18,000 SolarWinds customers globally, including US federal agencies and major corporations. Once installed, it allowed attackers to silently surveil and infiltrate systems for months. 

While SolarWinds wasn’t a manufacturing-specific incident, it proved the point that a single compromised software vendor can act as a springboard into highly sensitive systems across multiple sectors. It also highlights how attackers don’t need to target critical infrastructure directly; they can infiltrate through less defended but deeply connected sectors like manufacturing. 

Wider impact: how linked systems spread risk 

The risks involved in cyberattacks on the manufacturing sector aren’t just technical, they’re structural. Many CNI operators depend on just-in-time supply chains to source specialized equipment or services from manufacturers. They’re not storing spare parts in a warehouse somewhere – they’re depending on manufacturers to deliver exactly what they need, exactly when they need it. All of this is coordinated by a web of digital platforms, maintenance tools, and remote diagnostic systems that are more connected than a LinkedIn influencer’s profile. 

A cyberattack that disables a manufacturing firm’s logistics platform or data environment can trigger delays or failures in the delivery of critical components. This not only disrupts maintenance schedules but can also undermine resilience across multiple infrastructure sectors. 

Another major risk is that manufacturers and CNI operators often use the same service providers, cloud platforms or monitoring tools. A vulnerability in any of these common systems introduces a single point of failure that attackers can exploit to breach multiple organizations across sectors at once – making the impact of an attack much worse. 

Building cyber resilience 

This demands a change in approach. Traditional, siloed cybersecurity practices, which focus only on protecting the boundaries of a single organization, are no longer sufficient. In manufacturing (as with other industries), cyber resilience must be built across the entire ecosystem, with human risk in mind. 

To build real resilience, key steps include: 

Sharing threat intelligence collaboratively across the supply chain 

Requiring cybersecurity assessments from critical partners 

Implementing vendor risk management programs 

Making it difficult for attacks to reach employees by using intelligent technology that can filter and block suspicious emails, direct messages, or other channels that can be monitored 

Rolling out relevant and timely security awareness training tailored to the manufacturing environment 

Empowering employees to take secure actions without fear of any negative consequences 

Manufacturing’s new role in national cybersecurity 

Manufacturers are not just targets of cyberattacks, they can also help spread them. 

The SolarWinds incident taught us that the softest target in a chain can become the attacker’s gateway to the hardest. In an era where digitalization is at the forefront of innovation, manufacturers must recognize their role not only in producing goods for the global supply chain, but in safeguarding the infrastructure that keeps that supply chain churning. 

But cyber resilience is not only a technical challenge – it’s a human one. Most breaches still begin with compromised credentials, misconfigured systems, or unintentional errors. As manufacturers modernize, they must also invest in their people. 

The next stage of cyber resilience should involve cooperation across different sectors, rely on accurate information, and be based on a clear understanding of how trust, technology, and human behavior work together. Manufacturers need to address both the human and technical sides of cybersecurity to protect themselves and the critical infrastructure that depends on them. 

Javvad Malik  

www.knowbe4.com 

Javvad Malik is lead security awareness advocate at KnowBe4.