By Gregory Hale
When you talk about potential attackers hitting a manufacturer, one big fear is a nation-state attack – and rightly so – but organized crime remains the top suspect in any potential assault in the industry, a new report said.

In essence, 38 percent of attackers fall into the nation-state mode, and around 57 percent of attackers fall into the organized crime category, according to the Verizon 2020 Data Breach Investigations Report (DBIR). On top of that, 28 percent of breaches recorded ended up motivated by espionage.

There were 922 incidents reported in the manufacturing sector, with 381 confirmed data disclosures, the report said. That is in comparison to the entire report which covered multiple industry sectors and researchers analyzed 32,002 security incidents of which 3,950 were confirmed data breaches.

The breach report, now in its 13th year, is showing the manufacturing industry is seeing a large increase in attacks.

Schneider Bold

Manufacturing is beset by external attackers using password dumper malware and stolen credentials to hack into systems and steal data, the researchers said. While the majority of attacks are financially motivated, there was also cyber espionage going on. In addition, there were internal employees misusing their access to steal data.

As the researchers said, the industry has long been a “much-coveted target of cybercrime and this year is no exception. Whether it is a nation-state trying to determine what its adversary is doing (and then replicate it) or just a member of a startup who wants to get a leg up on the competition, there is a great deal of valuable data for attackers to steal in this industry. And steal it they do.”

The top way attackers use to steal information is the password dumper, capture app data and downloader. In fact, 29 percent of data breaches ended up caused by external factors such as password dumpers, app data capturers and downloader, the report said.

“This combination of obtain password, infiltrate network, download software and then capture data paints a very clear picture of what’s going on in this vertical, but it may not be a picture you want hanging on your wall if you do business in this area,” the researchers said.

Types of manufacturing industry breaches.
Source: Verizon DBIR

Ransomware (while not considered a breach in this report) remains a danger for this industry at 23 percent of all malware found in incidents.

Web applications attacks came in second place for attacks dominated by the use of the stolen credentials to compromise a variety of web apps used in enterprises, according to the researchers.

“Sometimes these credentials are obtained via malicious links served up in successful phishing attacks, sometimes they are obtained via desktop sharing and sometimes it is unclear how the victim is infected,” the researchers said. “Regardless of how they are compromised, these credentials, often of the cloud-based email variety, are very successful as a means to an end in this vertical.”

There are several patterns closely grouped in the third-place position for manufacturing: Misuse (13 percent), which by definition involves insiders, and is mostly privilege abuse — the attacker has legitimate access but they use those privileges to do something nefarious — and data mishandling, of which prime examples are sending company data via personal email or placing it on cloud drives in order to work from home.

Error is ubiquitous in all of the verticals reported on in this year’s report and manufacturing is no different with plenty of misdelivery and misconfiguration.

Click here to view the report.


Pin It on Pinterest

Share This