Manufacturers bear brunt as cyber criminals innovate

Cyber criminals are becoming more and more innovative, and are increasingly automating attacks, with manufacturers the most attacked sector in the UK by some way, and the tech sector the most attacked at the global level. As widely reported, some look to gain from the ongoing COVID-19 pandemic. Despite their best efforts, many organisations are unable to stay ahead of attackers, while others are still struggling with basics such as patching old vulnerabilities.

These are among the headline findings of NTT's latest Global Threat Intelligence Report, which again confirms the pace of innovation amongst threat actors.

Attackers are investing in automation techniques, developing multi-function attack tools and using artificial intelligence and machine learning. About a fifth of attacks globally were in the form of a vulnerability scanner.

Manufacturing regularly appears as one of the most attacked industries globally. Most commonly linked to intellectual property (IP) theft, it increasingly faces financially motivated data breaches, global supply chain risks and risks from unpatched vulnerabilities.

Manufacturing topped the list of most attacked sectors in both the UK and Hong Kong. The tech sector was next in the UK, followed by business and professional services, then government and finance.

Reconnaissance attacks accounted for half of all hostile activity in the UK and Ireland (29%), with web application the next most common form of attack (22%). Reconnaissance activity (60%) was also the most common attack type against manufacturers followed by web application attacks (36%).

NTT's Rory Duncan said: “UK manufacturing has become a major target for attackers in recent years as a result of the increased risks brought about from the convergence of IT and Operational Technology (OT). The biggest worry is that security has lagged behind in this sector, potentially exposing systems and processes to attack. Poor OT security is a legacy issue; many systems were designed with efficiency, throughput and regulatory compliance in mind rather than security. In the past, OT also relied on a form of ‘security through obscurity’. The protocols, formats and interfaces in these systems were often complex and proprietary and different from those in IT systems, so it was difficult for attackers to mount a successful attack. As more and more systems come online, hackers are innovating and see these systems as ripe for attack.

"The current global pandemic and the flow of trusted and untrusted information used to mask the activities of cyber criminals has shown us that they will take advantage of any situation."

    Share Story:

Recent Stories

Your people and the pandemic: Are you doing enough?
Employee health, well-being and security have always been a vital part of risk management, and as organisations seek ways to ensure a smooth, successful and sustainable return to operations amid the evolving environment, careful consideration has to be given to all these areas, and quickly. Published August 2020

Responding to COVID-19: A safe and secure return to work
Learn more from the experts that worked on the recovery of the Diamond Princess. Published July 2020