The most wonderful time of year for hackers: Why industrial cybersecurity matters more than ever during the holidays

The holiday season is famously “the most wonderful time of the year” — but it’s also prime time for cyberattacks on manufacturing and critical infrastructure. As employees take time off and businesses wind down operations over the holidays, cybercriminals ramp up. This dichotomy of focus creates a perfect storm of risk that most organizations are ill-equipped to weather.

Without vigilant monitoring and proactive protection measures in place, industrial control systems (ICS) and operational technology (OT) environments are dangerously exposed during the holidays. Financial gain is a key motivator, with ransomware gangs eager to exploit vulnerable critical infrastructure like manufacturing, utilities and transportation. However, nation-state actors also take advantage of low staffing and limited oversight to infiltrate networks for future disruption.

The stakes couldn’t be higher. A successful ICS/OT breach during the holidays could result in shutdowns, safety and environmental incidents, supply chain disruptions and other catastrophic impacts. But with a few precautionary steps, organizations can stay off hackers’ “naughty lists” and keep operations running safely this winter.

Continuous monitoring: the gift of 24/7 visibility

The No. 1 thing manufacturers and critical infrastructure operators need during the holidays is continuous visibility into their OT assets and network activity. Many organizations rely heavily on manual reviews and scheduled security scans, which leave big gaps in oversight.

Continuous monitoring solutions close these gaps by providing 24/7 visibility and automatically detecting threats and anomalies in real time. With limited staff on site, automated monitoring acts as an always-alert virtual assistant, notifying security teams of suspicious connections, unauthorized access attempts, ICS protocol violations and other indicators of compromise (IoCs). This allows prompt investigation and prevention of incidents — a lifesaving capability when stretched teams can’t monitor as closely themselves.

MFA and access controls: careful who’s coming down your chimney

Another holiday cyber risk stems from third-party access to OT networks. Vendors frequently request or require remote connectivity over the holidays for maintenance, upgrades, troubleshooting and support. With limited staff on hand, organizations often fast-track these requests. But uncontrolled remote access leaves networks vulnerable to misuse and exploitation.

To keep access secure, multifactor authentication (MFA) should be required for any external connections to OT systems over the holidays. MFA stops 99% of automated attacks using stolen credentials. Centralized access controls can also restrict each vendor to only the specific systems and functions required, limiting lateral movement.

Detailed access logs allow monitoring and recording of all remote sessions in real time. With MFA and controlled access, organizations can securely share access with trusted partners — while keeping the bad guys out. There are OT-specific remote access tools designed to interact with OT/ICS; VPNs simply are not good enough!
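
The three controls in this section (MFA on every external connection, per-vendor scoping and detailed session logs) can be checked against each other mechanically. The following is an added example, not part of the original article; the log format, vendor and asset names, and policy structure are all assumptions constructed for illustration.

```python
import json
from datetime import datetime

# Hypothetical per-vendor policy: which OT assets each vendor may reach,
# and the approved maintenance window (hours of day, end exclusive).
POLICY = {
    "acme-hvac": {"assets": {"hvac-plc-01"}, "window": (8, 18)},
    "turbineco": {"assets": {"gen-ctrl-02", "ups-mon-01"}, "window": (0, 24)},
}

# Constructed sample records, one JSON object per line (not a real product's format).
SAMPLE_LOG = """\
{"ts": "2023-12-24T09:15:00", "vendor": "acme-hvac", "asset": "hvac-plc-01", "mfa": true}
{"ts": "2023-12-25T02:40:00", "vendor": "acme-hvac", "asset": "hvac-plc-01", "mfa": true}
{"ts": "2023-12-25T11:05:00", "vendor": "acme-hvac", "asset": "hist-srv-01", "mfa": true}
{"ts": "2023-12-26T14:30:00", "vendor": "turbineco", "asset": "gen-ctrl-02", "mfa": false}
{"ts": "2023-12-27T10:00:00", "vendor": "unknown-co", "asset": "ups-mon-01", "mfa": true}
not-json garbage line
"""

def audit_sessions(log_text, policy=POLICY):
    """Return a list of (line_number, vendor, reasons) for sessions that break policy."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            ts = datetime.fromisoformat(rec["ts"])
            vendor, asset = rec["vendor"], rec["asset"]
        except (ValueError, KeyError, TypeError):
            # An unparseable record is itself worth reviewing, not silently dropped.
            findings.append((n, None, ["unparseable record"]))
            continue
        reasons = []
        if rec.get("mfa") is not True:
            reasons.append("no MFA")
        rule = policy.get(vendor)
        if rule is None:
            reasons.append("vendor not in policy")
        else:
            if asset not in rule["assets"]:
                reasons.append("asset outside vendor scope")
            start, end = rule["window"]
            if not start <= ts.hour < end:
                reasons.append("outside approved window")
        if reasons:
            findings.append((n, vendor, reasons))
    return findings
```

Calling `audit_sessions(SAMPLE_LOG)` returns one finding per policy violation, so a reduced holiday team reviews only the exceptions instead of every session.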

Backup power: charged batteries for dark winter nights

Power outages are another holiday reality, from winter storms knocking down power lines to squirrels chewing through substation wires. Critical infrastructure and manufacturing facilities often rely on backup power to keep essential operations up and running. However, generators and uninterruptible power supply (UPS) systems can also be targets for cyber sabotage.

Ensuring these assets are monitored and secured is crucial for resilience in the event the lights go out. Continuous monitoring provides visibility into backup power systems like generators, fuel tanks and batteries, providing alerts to any availability or integrity issues. Protected remote access allows safe troubleshooting by technicians if problems arise. With cyber-protected backup power, organizations can maintain continuity through any outages.

Staying “on duty” 365 days a year

Ultimately, cybersecurity is essential 24/7/365 for manufacturing and critical infrastructure — there are no “off” days. But the holiday season does require extra vigilance to ensure safety and continuity when staffing is low. The winter holidays will come and go, but strong cyber protection provides the gift of resilience around the clock all year long.

By leveraging solutions like continuous monitoring, controlled remote access and protected backup systems, organizations can stay merry and bright while avoiding cyber grinches. ’Tis the season for cyber preparedness — and there’s no better time than the present to get ready for 2024. With some thoughtful precautions, manufacturers and critical infrastructure operators can confidently enjoy the most wonderful time of year, while keeping operations, employees and their communities protected.



