
Cyber spotlights on the manufacturing industry: Identify, assess, protect

Dive into cyber spotlights on notable incidents, latest threats, current trends, and tailored solutions for the Manufacturing industry.


This spotlight delivers an overview of the latest cyber risks impacting the sector generally, including recent incidents and emerging threat vectors. We also highlight our insurance solutions that can address the cyber vulnerabilities faced by the manufacturing industry. Use our insights to enhance your organisation’s cyber risk management approach.

What cyber incidents have we seen from the manufacturing industry?

A US-headquartered automotive software provider reported a cyber attack in June this year, costing car dealerships more than $1 billion collectively. It is reported to have been a ransomware attack, with the provider paying a $25 million ransom as a result of the incident. This incident also emphasised the risks associated with an industry sector’s reliance on a small number of software providers.


A cleaning products manufacturer suffered a cyber-attack reported in August 2023, with costs amounting to $49 million. Due to the incident, they were forced to shut down many systems which caused delays in order processing and product outages. They expect net sales to reduce between about $487 million and $593 million.


A global leader in marine recreation products, such as marine propulsion systems and boat manufacturing, suffered an IT security incident impacting systems and global facilities in June 2023. It disrupted operations for 9 days, costing the organisation $85 million.


A German battery manufacturer halted production in February 2024 due to a cyber-attack. The cyber-attack affected IT systems and production equipment, resulting in the closure of five plants. The company took the decision to voluntarily shut down its IT network for security reasons.


A multi-billion-dollar semiconductor supplier suffered USD 250 million in lost sales due to a ransomware attack affecting one of their suppliers. This incident demonstrates the supply chain risks present in the manufacturing and distribution industry.


Cyber insurance claims we have seen from the manufacturing industry

Below is a selection of recent anonymised claims managed by WTW.


Ransomware

The insured was the victim of a ransomware attack which disabled systems and potentially exposed data associated with current and former employees. The insured engaged a wide array of vendors to assist in their response and offered credit monitoring services to affected individuals. The insured paid a ransom, and insurers paid out the full limit available under the cyber programme which covered the ransom, vendor costs and business interruption calculation. Total event cost: $5m


Social engineering

An unknown third party inserted themselves in an email conversation amongst the insured’s employees and was able to redirect a significant movement of funds to a fraudulent account. The insured was fortunate enough to eventually make a full recovery of the misdirected amount from banking partners. Total event cost: $3.7m


Social engineering

An employee of the insured clicked on a link in a phishing email and his e-mail account was compromised as a result. The compromised account was used to divert payments due to genuine suppliers. The insured discovered the matter relatively quickly which resulted in a substantial partial recovery via their bank. The remainder of the loss was below the retention. Total event cost: $3.5m


Ransomware

The insured suffered a ransomware attack which forced the insured to shut down connectivity to isolate and stop the spread of the event. Although no ransom had been received, the insured engaged a wide array of related vendors, including payment forensics to calculate the insured’s loss of business activity. Total event cost: $1.5m+


Accidental data breach (wrongful collection)

Class action alleging privacy violations, specifically that the insured caused third-party cookies and corresponding data to be stored on consumers’ devices and transmitted to third parties when consumers visited the insured’s websites. Defence costs are being incurred and the matter is developing. Total event cost: $0.5m+


Ransomware

The insured was contacted by the authorities to inform them that they had located compromised login credentials of the insured in the hands of threat actors. The insured investigated the account and then found evidence of encryption which had been enabled and was affecting business continuity. The insured subsequently advised that there was also a data liability exposure and data had been exfiltrated. Insurers appointed forensic investigators, an incident coach and ransom negotiator / specialists, and the matter is developing. Total event cost: $0.2m+

Source: WTW proprietary claims data


Cyber threat trends in the manufacturing industry

Ransomware continues to pose a threat to the sector: The latest annual study from Sophos reveals some key statistics for the manufacturing sector:

  • 65% of manufacturing companies reported they’ve been hit by ransomware this year
  • 75% of those ransomware events resulted in data encryption
  • It costs on average USD1.67m to recover from ransomware
  • The average ransom demand is USD2.4m
  • Six in 10 companies pay the ransom

Reliance on key software vendors: The recent CrowdStrike incident, which affected 8.5 million Windows devices, highlighted the reliance businesses are placing on a modest number of software vendors. While companies that require 100% availability of their IT to fulfil their business operations are more susceptible to IT outages, the global supply chain showed some resiliency in the aftermath of the CrowdStrike incident. A notable feature of the event is that it was not caused by malicious activity but rather defective coding.

Reliance on third parties, including software providers and other IT contractors, gives rise to the following risks, which can materially impact a company’s operations:

  1. Cyber-attacks against supply chain computer networks
  2. Third-party security shortcomings that exploit a company’s network when connected to a third party’s network
  3. Vulnerabilities within legacy systems
  4. Lack of visibility on what third parties can access within company network

Cyber security legislation for manufacturers of technology products: The forthcoming (applicable to all countries within the European Union) will introduce stringent requirements on developers, retailers and manufacturers of technology products and software. The Act is set to enter into force in the second half of 2024 and manufacturers (regardless of where they are located) will have to place compliant products in the EU by 2027. Failure to do so could lead to fines of up to EUR 15m or 2.5% of annual global turnover, whichever is higher.

Areas from our April 2024 insight release to keep in mind: Employee awareness should now be organisations’ number one priority.

  • Intellectual Property (IP) is a magpie for cyber criminals
  • Increased likelihood of Cyber-attacks causing physical damage
  • Increased Digitisation in the manufacturing sector raises Cyber risk

Our perspective on cyber market trends for the manufacturing industry

Increased appetite from insurers: There has been an increase in appetite over the last 24 months amongst cyber insurers for the manufacturing sector. A number of those insurers are specifically targeting this sector for new business. We expect this trend to continue into early 2025.

How WTW can help with identifying, assessing, and protecting your business


Concerned, confused, or curious?

WTW is here to help you and your organization identify, assess, and protect itself against cyber risks. Our team of cyber specialists, with years of experience in your industry, will provide you with peace of mind, allowing you to focus on your day-to-day role.
