It's Cybersecurity Awareness Month!
Last month, Jeremy Turner (Head of Cyber and Risk) presented to PMMI members at the 2024 Annual Meeting about the current cyber security threats PMMI members encounter on a daily basis. Cogility is a cyber security company that provides advanced threat intelligence and data-driven security solutions, specializing in continuous monitoring of internet-exposed assets, threat actor infrastructure, and potential cyber risks for commercial and government customers. In the weeks leading up to the Annual Meeting, Cogility monitored our PMMI member company domains to identify the types of cyber-threats they have experienced and continue to experience in real-time. Since October is Cybersecurity Awareness Month, this is the perfect time to reflect on the growing cyber threats impacting our industry and why it’s critical to take them seriously.
Why Are Manufacturers Being Targeted?
Manufacturers, including those in the packaging and processing machinery sector, are prime targets for cyberattacks. Why? Primarily, it’s Business interruption. Cybercriminals know that downtime costs more than any ransom they might demand. Recent reports from PMMI members show increasing incidents of internal malware infections, compromised credentials, and third-party vendor vulnerabilities. These threats don’t just disrupt operations—they can halt production entirely.
Key Threats to Watch
Some of the top cyber risks manufacturers face include:
- Ransomware and Malware: Internal systems are frequently hit by malware, making recovery costly and time-consuming.
- Compromised Credentials: Poor password hygiene and phishing attacks make it easy for hackers to gain access and wreak havoc.
- Third-Party and BYOD Risks: Third-party vendors and employees' personal devices are entry points for attacks, often leading to data breaches or compromised systems.
- Outdated software: Cyber criminals are using outdated software and firmware to gain access to sensors, PLCs, and other IoT devices that are not properly updated or protected with proper security controls.
Third-Party Risks
One of the most common issues reported is compromised third-party vendors, which often leads to invoice fraud or funds transfer manipulation. Manufacturers heavily depend on these vendors, but many lack visibility into their vendor’s security, putting your entire operation at risk.
Why You Should Care
Cyberattacks aren’t just about data—they’re about maintaining operational continuity. A single breach can lead to wide spread production delays, lost revenue, and long-lasting damage to your reputation. With connected machinery and IoT devices expanding your attack surface, it’s time to prioritize cybersecurity as a business risk, not just an IT concern.
What You Can Do
To better protect your operations:
- Go Beyond Penetration Testing: Ensure your security assessments cover all vulnerabilities, including third-party risks.
- Segment Your Networks (and your customer’s networks): Isolate critical systems to prevent malware from spreading.
- Invest in Threat Intelligence: Use real-time intelligence to stay ahead of evolving threats.
To read more about the trends in threats specifically for packaging & processing machinery manufactures, click here.
