Cyber-attacks in India’s smart manufacturing firms on the rise
As more Indian firms look to deploy the Internet of Things (IoT), smart sensors, mobility solutions, connected devices, or robots on shop floors today, they become increasingly prone to sophisticated cyber-attacks. The damage caused by these attacks can lead to financial losses in the case of a ransomware attack, as well as significant disruptions in operations or physical damage to systems on shop floors.
A new report published on Wednesday from cybersecurity firm Fortinet showed that over half (55%) of smart manufacturing firms in India reported more than six intrusions in the last year, up from 11% the year before. This increase is due to companies integrating the networks running operational technology (OT) and information technology (IT), making it a top concern for the C-suite.
OT systems, which monitor and manage industrial process assets and equipment, traditionally interacted with machines on factory floors and other devices. In contrast, IT networks deal with big data, machine learning, machine-to-machine (M2M) communication, and the Internet of Things (sensors).
Santosh Jinugu, Partner at Deloitte India and a cybersecurity expert, explained that the convergence between the physical worlds of OT and IT is increasing in the quest to harness emerging technologies in smart factories. While IT−OT integration has several benefits, it also exposes various risks from a cybersecurity perspective if not done properly. Cyber-attacks like ransomware and malware pose significant risks to many manufacturing companies, along with theft of intellectual property, security breaches involving third parties, increasing sophistication and proliferation of threats, employee errors, and omissions.
Vishak Raman, Vice President of Sales for India, SAARC, SEA & ANZ at Fortinet, stated that as threats grow more sophisticated, the report suggests that most organisations still have blind spots in their environment. According to him, seven out of 10 CIOs/CTOs reported experiencing ransomware or wiper intrusions this year, almost double the attacks reported in 2023, indicating the need for improvement in network visibility and detection capabilities.
The challenges faced by technology leaders in the OT environment were also highlighted in another report published by cybersecurity firm Palo Alto earlier this week, which stated that 75% of CIOs working in manufacturing reported that their organisations experienced at least one cyber-attack in the past year. Equally alarming is the frequency of these attacks, with 63% of respondents experiencing attacks monthly or weekly.
Anil Valluri, MD and VP of Palo Alto Networks India and SAARC, emphasized that cyber-attacks can shut down Indian OT operations, with a quarter of Indian industrial entities forced to halt operations due to successful cyber intrusions, underscoring the dire consequences of such incidents.
One of the key factors contributing to poor security among Indian firms is the continued use of older platforms. Raman added that these outdated systems provide many opportunities for attacks.
Another vulnerability comes from supply chain partners, as highlighted by a CIO of a manufacturing company who shared an incident where a phishing attack almost resulted in a significant financial loss. Implementing vulnerability assessments and investing in cybersecurity management programs that cover both IT and OT networks are crucial for manufacturing organisations.
Jinugu stressed the importance of developing a structured and strategic approach to addressing cybersecurity risks in smart factories. This includes conducting an in-depth security assessment, implementing 24x7 monitoring through a robust IT-OT security operations center, establishing incident response and cyber crisis management plans, driving awareness and training among OT specialists, and regularly testing the resistance and resiliency of OT environments.
While governments in India and worldwide are increasingly recognising the importance of OT security, partnerships in the field of OT security are also crucial. Companies like Honeywell, Rockwell Automation, and Schneider have taken steps to collaborate with industry ecosystems, develop new technologies, and enhance security capabilities to address the growing cybersecurity threats facing smart factories, he said.