Cyber attacks on UK firms increase in wake of pandemic

“Almost overnight companies that were forced to switch to remote production … on hastily supplied laptops realised just how much their vulnerability had increased,” according to Make UK.

“Cyber criminals have been exploiting the emergency working measures, mounting attacks which have come at a massive cost to businesses,” the manufacturers’ organisation said in comments accompanying release of its Cyber Resilience - The Last Line of Defence.

While the attacks vary in seriousness and monetary cost, even the smallest cyber invasion could render a manufacturing company unable to operate for a time, lose critical intellectual property (IP), data and/or cause significant reputational damage. 

While 47% of Britain’s manufacturers have experienced a cyber-attack in the past 12 months, 62% of the country’s automotive companies have been the victim of cybercrime in the same period. The chemical and defence sectors have also seen a higher than average number of incidents.

“As manufacturers continue to digitise and, with a growing number of the workforce working remotely, the importance to recognise the risk of a cyber-attack only grows greater,” Make UK’s report states.

“This should in no way prevent companies becoming more digital, but it is crucial to be aware and to put cyber security threats and prevention at the centre of any digital infrastructure plans. Cyber-attacks will inevitably evolve and so should cyber defences to protect valuable IP, data and reputation.”

Citing the Global Cybersecurity Risks in the Manufacturing Industry report by global risk-management company Willis Towers Watson, Make UK adds: “While the term ‘smart’ manufacturing is used constantly, ‘smart and secure’ must become the new moniker as cyber risk can no longer be ignored.”

Make UK’s own survey shows around half of manufacturers say cyber security has become a higher priority since the start of the coronavirus outbreak, and 61% now have a designated board director responsible for cyber protection.

Also, 43% of manufacturers report they have already been asked by a customer to demonstrate or guarantee the robustness of their cyber processes and a fifth have done likewise with customers or suppliers. Just over half (52%) of manufacturers have taken out insurance to cover any losses from cyber incidents.

Make UK’s CEO Stephen Phipson said: “The cyber security threat to manufacturers is growing and evolving with it.

“No business can afford to ignore this issue and while the increased awareness across the sector is encouraging, there is still much to be done with too many businesses still burying their heads in the sand …

“Every business is vulnerable and every business needs to take the necessary steps to protect themselves properly.”

The survey showed 44% of manufacturers do not offer cyber security training to staff and 47% do not have a formal plan or process agreed in case of an attack. 

“To prevent an attack, it is important for employees to have the skills and tools to recognise an attack is taking place in the first place and to know the emergency steps to take to prevent the company system being taken over completely,” Make UK said.

Register to receive the latest cyber security news and analysis straight to your inbox