20 percent of US and UK manufacturers were victims of a cyber attack in 12 month period

Published: Friday, 18 June 2021 08:46

1-in-5 manufacturing companies in the US and UK have been victims of a cyber attack in the last 12 months, according to the 2021 Manufacturing Cybersecurity Threat Index released by Morphisec. Of the 1-in-5, nearly a quarter (24 percent) report that cyber attacks against their organizations occur weekly, evidence of the rising threat for an industry that has recorded one of the highest number of attacks of any sector since the onset of COVID-19.

With recent attacks targeting intellectual property (IP) and critical infrastructure debilitating entire manufacturing organizations, Morphisec combined internal data on the manufacturing attack landscape with an external survey of 567 manufacturing employees across the US and UK in April to inform its inaugural index looking at the manufacturing industry.

The index found that 57 percent of manufacturing employees are more worried today about their organization being targeted for IP by cybercriminals than they were a year ago. 70 percent also note that they believe manufacturers have been targeted more since the beginning of the pandemic. Cybercriminals appear to have been encouraged by the crisis to go after vulnerable industries like manufacturing that need to be operational around the clock.

To better understand the attack types that malicious actors use within the manufacturing sector, Morphisec analyzed attempted attacks against manufacturing endpoints it has been deployed on over the last year. It found that infostealers and bankers made up the highest percentage of attempted endpoint attacks (31 percent). Additionally, although the percentage of ransomware (13 percent) and supply chain (8 percent) attack attempts against manufacturing endpoints were less, they saw a marked increase over the last twelve months.

When it came to attempted attacks targeting servers, Morphisec found that manufacturers experienced the most attempted exploits focused on initial access. This was the most active type of attempted attack on manufacturing servers (30 percent) as exploits targeted BlueKeep and SMBGhost. Ransomware (15 percent) was also highly used by attackers targeting the servers within manufacturing organizations. Many of these attempted attacks were designed to leverage human-operated ransomware to direct the attack upon entry into the target’s systems.

Nearly all of these attack types can be costly for manufacturers. Morphisec uncovered through its surveying that in most cases (53 percent), organizations needed up to a week to recover from attacks. A fifth of incidents (18 percent) required two weeks to recover. In the most extreme cases where organizations needed three weeks or more to recover, respondents noted that they had fallen victim to ransomware.

In addition, Morphisec found that more than three-quarters (76 percent) of manufacturing employees say they’ve had at least some colleagues working from home during COVID-19. As has been widely reported throughout the pandemic, remote work environments have only encouraged cybercriminals to seek out gaps in employees’ home networks, as well as their reliance on vulnerable collaboration applications, to gain access to company data. Of respondents that say they’ve had colleagues working remotely, nearly two-thirds (63 percent) admit it has increased the risk of a cyber security breach against their organization.

More details.