AI has many positive applications, but we often hear about the negative side — bad people leveraging AI tools for nefarious purposes.
There are numerous examples of manufacturing companies being adversely impacted by AI-powered attacks. A study by Abnormal Security showed advanced email attacks surging in manufacturing. According to IBM, manufacturing has topped the list of industries facing cyberattacks for four consecutive years. Attackers often exploit legacy industrial OT/SCADA systems common in factories.
At global chemical manufacturer Orion S.A., attackers deceived an employee into executing multiple fraudulent wire transfers, resulting in $60 million in losses.
Nucor, North America’s largest steelmaker, proactively stopped production at several plants after detecting a cyber intrusion, later attributed to a ransomware group.
Cybercriminals are way ahead of the good guys, governments, and law enforcement. I don’t think we’re going to be able to stop the villains completely, but companies across all industries can improve their ability to detect threats and avoid being victimized.
The Many Threats and Scams
The dark side of AI’s revolution is online organized crime. It’s gotten to the point where some AI tools are being developed specifically for committing fraud, such as breaking passwords.
AI is being weaponized by malicious actors to carry out sophisticated cyberattacks, including highly personalized phishing attacks, mimicking legitimate communications with alarming accuracy. These AI-generated phishing emails or messages can deceive even the most cautious users, leading to data breaches, financial loss, or identity theft.
AI can be used to identify and exploit vulnerabilities in software, networks, or systems faster than human hackers. Automated attacks powered by AI can scale quickly and adapt to defenses, making them particularly dangerous.
AI-powered scams and threats are increasingly targeting the manufacturing industry, leveraging advanced capabilities to exploit vulnerabilities in systems, supply chains, and human operations. Here’s a breakdown of how these threats affect the sector:
The adverse effects of these threats and attacks can’t be overstated. In addition to major financial losses, production can be disrupted or halted, clients go elsewhere due to security breaches and delays in deliveries, reputation and brand trust decline, and cyber insurance increases.
Are manufacturing companies doing enough to take ownership of AI-related security risks and safety? From a customer retention and acquisition perspective, users are expecting more from the platforms. They want to transact in safe environments.
I think the platforms you and I want to be on are taking more responsibility, ownership, and communicating more about the risks and how to prevent them. They’re not pretending that bad things aren’t happening, and they’re reminding people they have to look out for certain behaviors to protect themselves.
There are a variety of mitigation tools and strategies companies can use to defuse AI-powered threats:
- AI-augmented fraud detection tools: Use AI to fight AI by identifying anomalies and behavioral patterns in real-time.
- Identity verification protocols: Implement stronger KYC (Know Your Customer) standards and biometric checks.
- Platform transparency: Be upfront with users about how their data is monitored and protected.
- Legal compliance and preparedness: Keep abreast of laws and regulations around data protection and AI misuse.
- Cybersecurity training with AI awareness: Train employees to recognize AI-generated content, such as deepfake videos or spoofed messages.
- Cross-functional response team: Build a team that includes compliance, product, legal, and engineering personnel to stay ahead of evolving AI threats.
- AI for defense: Deploy AI-based anomaly detection systems to monitor machinery behavior, network traffic, and employee logins. Use predictive analytics to foresee and prevent breakdowns or breaches.
- Vendor and supply-chain vetting: Regularly audit third-party security protocols. Require compliance with industry cybersecurity frameworks.
- Segmented and redundant systems: Isolate critical ICS from non-essential networks. Establish offline backups and manual overrides to recover operations quickly post-attack.
The manufacturing sector is especially vulnerable to AI-powered threats due to its high reliance on automation, legacy systems, and complex supply chains. Staying ahead requires not only technical upgrades but also cultural shifts in awareness and readiness.
Jeremy H. Gottschalk is the founder and CEO of Marketplace Risk and the author of Bulletproof Your Marketplace: Strategies For Protecting Your Digital Platform.