Skip Navigation
BlackBerry Blog

Ransomware Attacks in Manufacturing and What Business Leaders Fear Most

Ransomware attacks are slamming the manufacturing industry and the costs are mounting.


Most recently, MKS instruments — a global provider of instruments, systems, and process control solutions for microchips and other advanced manufacturing — announced it expected to miss first quarter revenue projections by about 20% following a ransomware attack. According to an investor news release, “Prior to the ransomware event, the Company expected revenue in the first quarter of approximately $1 billion. The Company currently estimates the impact from the incident on first quarter revenue to be at least $200 million.”

The company says the attack, discovered in early February, impacted its ability to process orders, ship products and provide service to its customers. It’s a tough way to follow up the previous quarter, when the company reported record revenue.

Cyberattack Impacts on the Bottom Line

In today’s highly integrated supply chain, a successful attack on a supplier can create losses for its customers, as well as its investors. An example comes from chip maker Applied Materials, which subsequently announced it will take a $250 million financial hit in the second quarter, due to “a cybersecurity event recently announced by one of our suppliers.”

This certainly makes recent headlines all too real. One recent story reported a 70% surge in ransomware attacks against U.S. manufacturers. Here in the UK, research conducted by BlackBerry and Make UK — a manufacturing trade organization — found more than 4-in-10 manufacturing firms experienced a cyber incident in the last year. Many of these incidents resulted in work stoppages.

Gone are the days of thinking any organization is safe from cyberattacks — including those in the manufacturing sector and other heavy users of operational technology (OT). Special-purpose machines such as factory-floor equipment are not immune to the ravages of cyberattacks. Anything that can be disrupted electronically is a potential target, and the impact of a cyberattack on such systems can be far-reaching and extremely damaging.

7 Cyberattack Outcomes Manufacturers Fear

The manufacturing industry is becoming more advanced and built around a combination of connected IoT devices and legacy systems. This drives new efficiencies and allows the industry to rapidly create innovative and higher quality products. However, it also increases the attack surface and the necessity to understand and prevent vulnerabilities that come with this technological evolution.

The BlackBerry and Make UK research revealed the seven things manufacturers fear most about suffering a cyberattack:

  1. Disruption to operations (65.2%)
    A large number of survey respondents say they are most afraid of a production stoppage. In many cases, stoppages result in the company being unable to function, or functioning at reduced levels.

  2. Damage to reputation with customers/suppliers (42.9%)
    Four-in-ten respondents say they worry about a cyberattack tarnishing the organization’s reputation.

  3. Unauthorized access (29.5%)
    Nearly a third of respondents worry about unauthorized access as part of a cyberattack. This could include access to critical systems or data.

  4. Intellectual property (IP) theft (19.6%)
    One-in-five say they are concerned with IP theft. This includes stealing ideas, copyrights, patents, logos, inventions, client lists, marketing strategies and more.

  5. Collateral damage (14.3%)
    Nearly 15% of survey respondents are concerned about collateral damage from a cyberattack. This can be described as unintentional consequences in the wake of a singular action. For example, failure to deliver products by a required deadline could potentially impact earnings, jobs and trusted relationships.

  6. Impacts on safety (7.1%)
    Some industry decision makers surveyed worry about impacts to safety. This could include damage to equipment or physical risk to their employees.

  7. Impacts on product quality (6.3%)
    Some are concerned that a cyberattack might degrade product quality.

Protecting Your OT Environment Against Cyberattacks

In his recent blog, “Evolution of IT/OT Connectivity in Manufacturing Creates Cyber Risk,” IDC Research Director Ed Lee addresses why protecting both IT and OT are so important. He writes, “Interconnectivity creates tremendous benefits, and at the same time, it elevates cyber risk. For example, a targeted ransomware attack making landfall in an IT system can spread laterally into OT systems with the potential of taking a manufacturing plant hostage for days or even weeks.”

"Whether connected or not, many OT systems are vulnerable.” Such systems may be decades old, in some cases, and run by control systems, such as industrial control systems (ICS), human machine interfaces (HMI), and engineering workstations. Because they often rely on outdated hardware, they “cannot be patched, and may run unsupported operating systems.”

This is why our team is championing the concept of a “self-defending factory floor,” to provide better cybersecurity in manufacturing. BlackBerry can help you establish this through our Cylance® AI endpoint protection, which delivers a lightweight presence on your endpoints—without the need for signatures, heuristics, or even Internet connections. This means it even protects air-gapped environments.

In today’s manufacturing, the adage “if it ain’t broke, don’t fix it” no longer applies. Legacy software and machines can quickly create vulnerabilities if not properly secured against the ever-growing catalog of cybersecurity threats.

However, OT security should not be driven by fear. Instead, it should be seen as a potential competitive advantage that leads to having a more secure, reliable, and profitable production pipeline.

For similar articles and news delivered straight to your inbox, subscribe to the BlackBerry Blog.

Keiron Holyome

About Keiron Holyome

Keiron Holyome is Vice President - UKI, Middle East & Africa at BlackBerry.