Manufacturers bear brunt as cyber criminals innovate

Cyber criminals are becoming more and more innovative, and are increasingly automating attacks, with manufacturers the most attacked sector in the UK by some way, and the tech sector the most attacked at the global level. As widely reported, some look to gain from the ongoing COVID-19 pandemic. Despite their best efforts, many organisations are unable to stay ahead of attackers, while others are still struggling with basics such as patching old vulnerabilities.

These are among the headline findings of NTT's latest Global Threat Intelligence Report, which again confirms the pace of innovation amongst threat actors.

Attackers are investing in automation techniques, developing multi-function attack tools and using artificial intelligence and machine learning. About a fifth of attacks globally were in the form of a vulnerability scanner.

Manufacturing regularly appears as one of the most attacked industries globally. Most commonly linked to intellectual property (IP) theft, it increasingly faces financially motivated data breaches, global supply chain risks and risks from unpatched vulnerabilities.

Manufacturing topped the list of most attacked sectors in both the UK and Hong Kong. The tech sector was next in the UK, followed by business and professional services, then government and finance.

Reconnaissance attacks accounted for half of all hostile activity in the UK and Ireland (29%), with web application the next most common form of attack (22%). Reconnaissance activity (60%) was also the most common attack type against manufacturers followed by web application attacks (36%).

NTT's Rory Duncan said: “UK manufacturing has become a major target for attackers in recent years as a result of the increased risks brought about from the convergence of IT and Operational Technology (OT). The biggest worry is that security has lagged behind in this sector, potentially exposing systems and processes to attack. Poor OT security is a legacy issue; many systems were designed with efficiency, throughput and regulatory compliance in mind rather than security. In the past, OT also relied on a form of ‘security through obscurity’. The protocols, formats and interfaces in these systems were often complex and proprietary and different from those in IT systems, so it was difficult for attackers to mount a successful attack. As more and more systems come online, hackers are innovating and see these systems as ripe for attack.

"The current global pandemic and the flow of trusted and untrusted information used to mask the activities of cyber criminals has shown us that they will take advantage of any situation."

    Share Story:

YOU MIGHT ALSO LIKE


The Future of Risk & Resilience with AI & Data
CLDigital's Co-Founder, Tejas Katwala, joins CIR Magazine to discuss how CLDigital is transforming enterprise risk and resilience. By integrating business processes, AI and data-centric strategies, organisations can move beyond compliance to proactive risk management – simplifying operations, strengthening resilience, and driving business performance. Listen now to explore the future of intelligent risk management.

Investec is disrupting premium finance – Podcast
Investec made waves in entering the premium finance market, where listening and evolving in response to brokers made a real difference.

Advertisement