FEATURE: Manufacturing faces distinct challenges in cyber risk mitigation (Part 1 of 3)

Pittsburgh — Note: Part 1 of 3

Cyberattacks on steel producers can have serious repercussions, impeding production and causing significant financial losses for targeted companies. While steel mills face unique challenges in defending their systems, successful strategies can be implemented using the right set of tools, according to cybersecurity experts.

Several steel producers were subject to cyberattacks in 2020, among them Evraz, BlueScope and Stelco, disrupting global operations.

Evraz suffered an attack in March, causing the steel producer to lose approximately 3.5 weeks of production at its North American mills, according to CFO Alexander Vasiliev, who addressed the issue in the company's second quarter earnings call.

Part 2: Steel mills have unique challenges, vulnerabilities to cyberattacks

Part 3: Cyber-informed engineering perspective needed for cyber-defense

"Our production of steel products went down by 4.7% and the main driver there was the cyberattack that we faced in March," Vasiliev said.

Since the attack, the company has instituted new cybersecurity measures including more advanced tools and increased cybersecurity training, said a company spokesman.

Australia-based BlueScope was subject to an attack in May leading to global disruptions in its business. The company said its North Star, Asian and New Zealand businesses continued operating with minor disruptions. In Australia, manufacturing and sales operations were impacted; some processes were paused while others, including steel dispatches, continued with some manual processes and workarounds, the company said following the attack.

It was the first such disruption detected in the company's US businesses and left it scrambling for remedies.

In October, Canada's Stelco fell victim to an attack that left operations temporarily suspended while countermeasures were taken to limit the scope of the incident.

A customer of the mill said he was "dumbfounded by how much the attack shut them down," crippling operations to the point the steelmaker could not melt or finish steel and were losing track of where products were. "I think they lost a month [of production]," added the source.

Another customer said he was still waiting for some of his fourth quarter shipments.

"Cyberattacks are extremely prevalent," said a chief information security officer (CISO) in the steel industry. "You can see them in the news every day on small and large scales and these are just the ones that are being shared publicly."

One major North American steel buyer said he was surprised by how many attacks have occurred on smaller customers. "More and more customers we talk to so many people have gone through the same thing. But they just pay the ransom and get it over with," said the buyer.