Tackling the Largest Cybersecurity Risks for Manufacturers
February 18, 2025
Tech

Tackling the Largest Cybersecurity Risks for Manufacturers

Ziad Nasr – General Manager – Middle East – Acronis

With the increasing reliance on technology for plant automation and processes, manufacturers are facing heightened cybersecurity risks. The rise of smart factories, driven by accessible technology and cost-saving automation, has inadvertently expanded the attack surface for malicious actors. This places businesses at risk as their own machines, designed to enhance operations, can be exploited against them.

During the first quarter of 2023, cybersecurity experts shared alarming statistics, indicating that attacks had been detected on 27% of the Middle East’s ICS (Industrial Control Systems) computers. This finding underscored the pervasive nature of cyberthreats, specifically targeting governments, enterprises, businesses, and industrial organizations.

In recent years, incidents of hacking industrial control systems have been on the rise and show no signs of abating. Cybercriminals have specifically targeted manufacturers due to the increased likelihood of ransom payment and the presence of inadequate security measures. Many companies in this sector mistakenly believed they were not valuable enough to attract thieves’ attention, but the landscape has dramatically changed.

How Hackers Get the Keys to the Company

One of the primary challenges lies in the sheer number of devices within manufacturing networks. A single plant can encompass hundreds of individual devices, with insufficient adoption of proper security measures. Exploiting this vulnerability, cybercriminals capitalize on the inability of managers to monitor each device, enabling them to inflict substantial damage discreetly. For instance, hackers can compromise or infect devices to participate in larger-scale attack campaigns, often going undetected for extended periods, ranging from days to weeks.

By gaining control over numerous individual devices, cybercriminals can create a botnet—a network of computers compelled to execute malicious code. This technique is frequently observed in Distributed Denial-of-Service (DDoS) attacks and phishing campaigns. In many cases, the greatest vulnerability stems from people, particularly employees who may unwittingly open malicious emails, thus exposing sensitive corporate data.

Below are some examples of cyber security threats in the manufacturing sector in the GCC and MENA region that have been reported in recent years:

  1. Triton Malware Attack on Saudi Petrochemical Plant: In 2017, a cyber-attack targeted a petrochemical plant in Saudi Arabia. The attack involved the Triton malware, which was designed to manipulate and potentially sabotage industrial safety systems. Although the attack was detected before any physical damage occurred, it highlighted the vulnerability of critical infrastructure in the region.
  1. Cyber Espionage Targeting Middle Eastern Manufacturing Companies: In 2018, it was reported that a cyber espionage campaign called “WindShift” targeted several manufacturing companies in the Middle East, including those in the GCC region. The attackers used spear-phishing emails and malicious attachments to gain unauthorized access to sensitive information. The campaign’s objective was to gather intellectual property and gain a competitive advantage.
  1. Industrial Control System (ICS) Attacks in the Middle East: There have been several reports of Industrial Control System (ICS) attacks in the Middle East. In 2023, researchers spotted a new activity group called HEXANE targeting industrial control systems (ICSs) in the Middle East. These attacks aimed at disrupting critical infrastructure sectors, including manufacturing. The threat actors behind these attacks utilized various techniques, such as phishing, malware, and ICS-specific vulnerabilities, to gain control of industrial processes and cause disruption.
  1. Saudi Aramco, the world’s most valuable oil producer, has confirmed that a limited amount of company data held by third-party contractors was indirectly released. This incident occurred after hackers reportedly demanded a $50 million ransom. However, Saudi Aramco has clarified that there was no breach of their systems, and the leaked data has no impact on their operations. The company maintains a strong cybersecurity posture to ensure the protection of its assets.
  1. Ransomware Attacks on Industrial Companies: According to the research findings, the GCC region experienced a total of 42 ransomware attacks during the period spanning the second half of 2021 to the first half of 2022. Among the countries in the region, the UAE and Saudi Arabia had the highest number of attacks, with 33 percent of the targets located in the UAE and 29 percent in Saudi Arabia.

Heightening Focus on Prevention as Ransomware, DDoS, and Insider Attacks Surge

In the face of escalating ransomware, DDoS, and insider attacks, organizations are intensifying their commitment to proactive cybersecurity measures. Recognizing the need to stay ahead of potential disruptions, businesses have a responsibility to bolster their security posture and invest in robust cybersecurity strategies.

Cyber warfare experts are advising their clients to prioritize immediate improvements in employee awareness training. They recommend implementing various measures, including:

  • Conducting red team exercises to simulate real-world attack scenarios.
  • Implementing phishing and email exercises to enhance employee vigilance.
  • Performing attack simulations to identify vulnerabilities and test defense mechanisms.
  • Regularly testing backup and security systems to ensure their effectiveness.

Employers are increasingly realizing that they may not possess the necessary expertise in-house and are turning to outsourcing for support. Goldstein Research forecasts that the GCC Cybersecurity market will reach a value of USD 11.4 billion by the end of 2024, exhibiting a compound annual growth rate (CAGR) of 5.9%. Another study indicates that the growth of outsourcing, consulting, and managed services is projected to reach nearly 65% of the global cybersecurity market this year. Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) can fill these gaps by offering comprehensive support, including design, implementation, and long-term assistance. MSPs often provide flexible outsourcing models, enabling clients to choose the level of support that best suits their needs, whether it’s one-time assistance or a long-term engagement.

Acronis, a leading provider in the field, offers in-depth cyber risk assessments and maintains a comprehensive information security and compliance program. Manufacturers are increasingly turning to MSPs like Acronis for assistance in safeguarding data, ensuring compliance, and enhancing productivity. Acronis specializes in ransomware protection, IT disaster recovery, continuous data protection, and other vital services for MSPs and businesses alike.

Last Updated on 2 years by News Desk 2

News Desk 2

News Desk 2 produces the latest news for the Middle East region, with a key focus on the six GCC nations: UAE, Saudi Arabia, Qatar, Bahrain, Kuwait, and Oman. News Desk 2: press@menews247.com
Follow Me:

Related Posts