Cyberattacks on operational technology (OT) systems are rapidly rising. In fact, manufacturing was one of the sectors most impacted by extortion attacks last year, according to the 2023 Unit 42 Extortion and Ransomware Report from Palo Alto Networks Unit 42.

Attacks against OT systems can have a significant impact, including physical consequences such as shutdowns, outages, leakages, or worse. The Colonial Pipeline attack in 2021 is one of the most well-known examples of a major OT attack; the attack prompted a temporary shutdown of nearly half the gasoline and jet fuel supply delivered to the East Coast. That led to fuel shortages and price hikes.

Why is this sector at such risk? There are several factors, which we’ll explore in this piece. The good news is that a Zero Trust approach can go a long way toward helping organizations take back control and develop a more robust security posture.

How we got here

With the rise of digital transformation, we’ve seen the increased convergence of IT and OT systems. As a result, OT systems that were previously isolated are now connected and therefore accessible from the outside world, making them more at risk of being attacked.

Another factor that has increased the security risks in this sector is that critical infrastructure often relies heavily on legacy systems. This means many systems are running older, unsupported operating systems. They weren’t designed with cybersecurity considerations in mind, and they can’t be easily patched or upgraded because of operational, compliance, or warranty concerns.

Manufacturers also face a lack of skilled employees who can manage these converged environments. An August 2022 survey by the National Association of Manufacturers found that three-quarters of respondents named attracting and retaining a quality workforce as one of their top business challenges.
Finding people with cybersecurity expertise is an ongoing challenge – with (ISC)² putting the global cybersecurity skills gap at 3.4 million people – and finding people with both security and OT knowledge is even more difficult.

The rise of ransomware and increased regulations

Not only are manufacturers grappling with the above trends, but they’re also under constant pressure to keep operations up and running. A ransomware attack on a factory can cripple a business’s ability to produce products, leading to days, if not weeks, of downtime and resulting in financial loss.

Bad actors are increasingly seizing this opportunity. In fact, manufacturing has become the second most targeted sector in Unit 42’s client base for ransomware attacks.

On top of manufacturers being a target for ransomware and other cyberattacks, governments have noticed the exposure they face and have imposed more regulations. Most notably, as of December 18, the Securities and Exchange Commission will now require larger publicly traded companies to report a cyber incident within four days, a regulation that puts even more pressure on companies to be ready to understand and act fast. This applies not just to manufacturing companies but to all publicly traded companies.

Starting with a foundation built on Zero Trust

Manufacturers have multiple environments to protect that run on different operating systems and applications. There are OT devices and networks (for example, the factory floor). There are remote operations. And there are 5G-connected devices and networks at the cutting edge of deployments. Neither IT nor OT managers have tools that offer visibility into all of the different environments, applications, systems, and devices.

Without visibility, it’s pretty much impossible to know if there are vulnerabilities within any of these devices.
This, coupled with the difficulties in operating excessively complex systems, creates exponential risk from threat actors, often with the threats outpacing the ability of the technology teams to prevent attacks. Ransomware works in manufacturing because those Windows-based operation controls are largely identical to those found on the business side of the house.

A Zero Trust approach – especially at the higher architectural layers of a factory where OT and IT first converge – can help solve many of these issues. Zero Trust is predicated on a simple concept – trust no one. It’s a strategic approach that eliminates implicit trust and continuously validates every stage of a digital interaction to secure an enterprise. By implementing a Zero Trust strategy, you apply security to users, devices, applications, and infrastructure in the same consistent manner, across the entire organization. A Zero Trust framework makes it easier to secure all of the different environments within a manufacturer.

Think of Zero Trust as a framework that includes the following principles/steps:

A Zero Trust approach plays a central role in helping OT organizations remain operationally resilient, reduce the potential attack surface, and minimize new or expanding risks brought on by digital transformation. The reality is that OT is likely to continue to be a major target for bad actors in the foreseeable future. And for most organizations, there will be a constant struggle to find and retain talent with the right skills. These are almost inevitable factors, as is the continued convergence of IT and OT. IT leaders working in OT have a unique set of challenges, and it can certainly feel like an uphill battle at times, but starting with Zero Trust provides the foundation for creating a stronger, better security posture now.