The manufacturing industry has emerged as the most targeted by cyber attacks, accounting for more than 25% of incidents across the top 10 sectors, with 45% of these involving malware.
The industry’s appeal to malefactors has grown, largely due to its interconnectedness—dependent on elements ranging from raw materials to logistics—its low tolerance for operational disruptions, and the high value of intellectual property stored in its systems, which competitors could exploit to save millions.
This was revealed by KnowBe4’s latest report, dubbed “Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication.” The study delves into the state of cybersecurity within the manufacturing sector, the tactics cybercriminals are employing, and the steps organizations can take to protect themselves.
Key highlights from the report include:
- Phishing is identified as the top initial attack vector, followed by the exploitation of public-facing applications.
- The Asia-Pacific region was the hardest hit in 2023, responsible for over half (54%) of all reported cyber incidents.
- Europe was the second most targeted region, with 26% of attacks, while North America and Latin America saw 12% and 5%, respectively.
- A concerning 56% rise in ransomware attacks involving extortion was noted, marking a significant shift in cybercriminal strategies.
- Information-stealing malware saw a staggering 266% increase in deployment, aimed at acquiring credentials for email, social media, messaging, and financial accounts.
- The manufacturing sector experienced an 88% increase in average ransom payments, reaching nearly $2.4 million in the past year.
- According to KnowBe4’s 2024 Phishing by Industry Benchmarking Report, smaller manufacturing organizations performed better than the average Phish-prone™ Percentage baseline of 34%. Companies with fewer than 250 employees showed a lower rate of 27.9%, while larger organizations (1,000+ employees) saw 37.5% of staff clicking malicious links in phishing emails without security training, highlighting a major vulnerability.
KnowBe4 CEO Stu Sjouwerman says manufacturing’s increasing reliance on IT and OT systems, along with the globalisation of supply chains, has heightened its vulnerability and appeal to cyber criminals.
In this environment, Sjouwermansays raising awareness and delivering effective training to counter phishing and social engineering attacks is no longer optional—it is vital. “These efforts are essential not only for individual organisations, but for maintaining stability across the global manufacturing industry and ensuring the uninterrupted flow of goods to consumers and businesses worldwide.”
The report includes case studies of recent cyber incidents across North America, Europe, Asia, and Oceania. Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication serves as a stark reminder that as cyber threats advance, so too must our defense strategies.
To download a copy of the report, click here.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.