Memo to CISOs: Hackers Aggressively Target Manufacturing
A new report from NTT Security warns manufacturing industry CISOs: Cybersecurity hackers see you as easy pickings.
NTT’s research draws the standard macro conclusion — the frequency and sophistication of cyber attacks continues to rise globally — but addresses the micro as well, specifically cautioning the manufacturing industry to crank up its vigilance.
The study, entitled Global Threat Intelligence Center 2017 Q2 Threat Intelligence Report, delivers four primary findings:
- Cyber attacks were up 24 percent globally during Q2 2017
- Manufacturers continue to be a key target for cybercriminals
- 67 percent of malware attacks were delivered by phishing emails
- The speed of attacks continues to increase exponentially once proof of concept code is released
One-third of all documented cybersecurity attacks targeted manufacturers in Q2, the report found. Moreover, manufacturers appear in the top three targets in five of the six geographic regions studied globally.
“This latest [report] documents that hackers continue to target the manufacturing sector, which should be a red flag for CISOs across this market segment,” said Jon-Louis Heimerl, NTT Security’s Threat Intelligence Communication Team manager.
What makes manufacturing such a juicy target for hackers? It offers a criminal’s bounty under one roof: Money, intellectual property and confidential personal data.
“This is no coincidence,” Heimerl said. “The motivations for these attacks are often criminal in nature, including extortion via ransomware, industrial espionage, and theft of data such as account numbers. What poses an even greater problem is that when these breaches are successful, yet go undetected, they allow hackers to establish footholds in organizations’ networks where they have free reign to wreak havoc over extended periods.”
Indeed, some 37 percent of manufacturers surveyed in a separate NTT Security report – Risk Value: 2017 – indicated they do not have an incident response plan in place.
“This is very concerning as manufacturers’ IT security liabilities often impacted not just the manufacturing organizations, but suppliers, as well as related industries and consumers,” he said.
NTT Security’s report is based on events identified across its global client base during Q2. Specifically, in identifying trending threats the data is intended to help the security provider develop new assessment and incident response tactics to protect its clients. The company said it advocates a hybrid approach of combining products, systems and services into a comprehensive end-to-end solution.
“Our Global Threat Intelligence Centers are constantly monitoring cyber activities on a global scale and providing us with great insight as to which industries cybercriminals are targeting, why they’re targeting these areas, and how they may do so moving forward,” said Heimerl.