Manufacturing is the top target for cyber attackers according to 2018 Global Threat Intelligence Report (GTIR) from NTT Security. The sector represented almost half (46 percent) of all UK cyber attacks in 2017 – more than double that of attacks on manufacturing across EMEA.
The majority of attacks on UK manufacturers came from China, representing 89 percent of attacks on this sector.
Technology organizations, in second place, were the target of 23 percent of attacks in the UK, with business and professional services in third place with 10 percent of attacks. While the finance industry was the most attacked sector worldwide with almost a quarter (23 percent) of all attacks, up from 14 percent in 2016, it was fourth in the UK with 8 percent, followed by government at 5 percent.
NTT Security analysed data from over 6.1 trillion logs and 150 million attacks for the GTIR, highlighting global and regional threat and attack trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies.
“We’ve seen manufacturing becoming an increasingly attractive target to attackers in recent years and we believe this is for a number of reasons,” explains Jon Heimerl, senior manager of the Threat Intelligence Communication Team, Global Threat intelligence Center at NTT Security.
“As manufacturers experience the benefits of automation and the emergence of interconnected and intelligent production systems, they are realigning their operational models to take advantage of these technologies. More than 50 percent of manufacturers have now adopted Industry 4.0 and smart manufacturing, the latest phase in the evolution of manufacturing technology. The lines between traditional and digital manufacturing are blurring, where high value manufacturing and advanced technologies are key for global competitiveness. As a result, they have become more attractive to attackers who see them as a prime target for the theft of IP, for the disruption of operations, and for hijacking networks to launch an attack into other organisations. There’s no one thing driving this trend, but a whole host of interconnected reasons.”
China the number one attack source
China was the number one source of attacks against all sectors in EMEA during 2017. EMEA was the only region in which attacks from US sources fell behind Chinese sources, whereas in 2016 China was the ninth most prominent attack source, accounting for less than 3 percent of all attacks against EMEA.
Attacks from Chinese sources have escalated to the point that China was a top five attack source in each of the top five most attacked industries in EMEA, and accounted for 67 percent of all attacks against manufacturing targets across EMEA.
According to the GTIR, the majority of these attacks on UK manufacturers were from a known bad source (meaning the activity originated from IP addresses within China previously identified as hostile).
The 2018 Global Threat Intelligence Report (GTIR) gathers data from NTT Security monitoring, management, and incident response operations. It also includes details from NTT Security research sources including global honeypots and sandboxes in over 100 countries in environments independent from institutional infrastructures.