Why Does Manufacturing See the Most Cyber Attacks?

A 2022 Siemens report stated that unplanned downtime costs Fortune Global 500 companies almost US$1.5tn.
IBM X-Force's 2024 Threat Intelligence Report shows how manufacturing is the sector most targeted by cyber attacks, having topped the table for three years

In a conclusive announcement, the manufacturing sector has for the third time been ranked as the most-attacked industry in an IBM X-Force Threat Intelligence Report.

Manufacturers comprised more than 25% of security incidents last year, with malware attacks – primarily ransomware –making up the majority.

Taking the top place three years in a row, the report points to several factors that are making manufacturing particularly vulnerable to cyber threats in the current climate.

Attacking a crucial artery 

Manufacturing facilities are integral to the economy, producing essential goods and services. As evidenced by things like the pandemic, when their operations go down or are impacted, costs rack up.

A 2022 Siemens report stated that unplanned downtime costs Fortune Global 500 companies 11% of their yearly turnover – almost US$1.5tn.

These costs arise from immediate production losses and longer-term impacts on customer trust and market position. 

This low tolerance for downtime makes it an attractive target for cybercriminals who seek financial gains through ransomware attacks. A production halt may see some companies more likely to pay attackers to relent then deal with an even costlier period of downtime; further exacerbating the problem. 

Youtube Placeholder

Manufacturing is also increasingly adopting digital technologies in efficiency improving efforts. With operations being largely on a production line, the benefits for such technologies are easily implemented and easy to see the benefits. 

Yet, they also expand the attack surface greatly. The integration of Industrial Internet of Things (IIoT) devices means an expansion in the number of endpoints, which lead to legacy systems, which often have security vulnerabilities. 

The threats facing manufacturers

One of the most significant threats to the manufacturing sector is credential harvesting. Cybercriminals target manufacturing companies to obtain credentials that grant access to high-value data. 

The IBM X-Force report noted a 266% increase in infostealing malware, which is designed to capture credentials for emails, social media, and banking details. This trend highlights the ongoing investment by threat actors in innovative ways to gain access to user identities.

Compiling this with Gen AI, attacks are able to leverage stronger than ever  identity-based attacks. Plus, AI can be employed to distil vast amounts of compromised data, identifying the most lucrative targets for attacks. 

Despite the seemingly bleak outlook for manufacturers, the IBM X-Force report found that the majority (85%) of incidents they studied could have been prevented with measures such as patching, multi-factor authentication (MFA), and least-privilege principles.

They also highlighted the need for manufacturers to stress-test their systems to identify potential vulnerabilities and develop incident-response plans.

While the importance of cybersecurity is recognised across sectors, with many now seeing it as crucial to their overall plans for digital transformation, some are still hesitant to invest due to the perceived high costs of implementing cybersecurity measures. 

But as the frequency of attacks increase, soon any tactics of paying off attackers to relent on their systems may tally up higher than the defence itself. As the manufacturing sector continues to digitise and expand its digital footprint, it becomes increasingly vulnerable to cyber attacks. 

The industry's critical role in the economy, combined with its low tolerance for downtime and complex digital environments, makes it a prime target for cybercriminals. But by prioritising cybersecurity measures and adopting a proactive approach to threat management, manufacturers can better protect their operations and ensure long-term resilience in the face of evolving cyber threats.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Why the UK is Listing Data Centres as Critical Cyber Assets

Being Western Europe's leader in number of Data Centres, the UK has decided to take steps to ensure they receive adequate protection from cyber threats

Trustwave Reveals the Financial Sector's Cyber Threats

Although it's not new to think that financial services organisations are prime targets for cybercriminals, the threat landscape they find themselves in is

TCS and Google Cloud Join for Solution to Secure the Cloud

TCS partners with Google Cloud to launch a range of AI-powered cybersecurity solutions to help businesses secure their clouds against advanced threats

Cybersecurity Conglomerate Reveals Threats Facing Consumers

Cyber Security

Decoding the US' Most Misunderstood Data Security Terms

Cyber Security

Orange Cyberdefense's Wicus Ross Talks Cyber Extortion Trend

Hacking & Malware