As the manufacturing sector is moving towards automation and using software-centric and IoT technologies, cybercriminals see a larger attack surface to target to gain access inside the networks of manufacturing organizations. Recently, Palfinger, a well-known crane and lifting manufacturer, has been targeted in a major cyberattack.
Recent Observations
In recent months, several manufacturing organizations have been targeted, including A10 Networks, Prusa Research, National Detergent Company, BEXIMCO, Qiui, Dassault Aviation, and NameSouth. The cyberattacks were found to be mostly focused on manufacturing organizations located in North America, followed by some attacks in Western and Southern Asia. The IoT industry has been heavily affected by these attacks, along with automobile and aircraft manufacturers.
Additional Statistics
In a recent Data Breach Investigations Report by Verizon, it was noted that around 73% of cyberattacks against the manufacturing sector were motivated by financial reasons, while the remaining involved espionage. Additionally, about 75% of attacks involved external forces while internal threats accounted for the remaining 25% of attacks.
Additional Info
Ransomware attacks are still prominent and targeting major manufacturing organizations. The ChastityLock, Ragnar Locker, and NetWalker ransomware groups are found to be active. Some of the major infection vectors used in recent cyberattacks include phishing, data theft, ransomware extortion, and unauthorized access. In addition, the attackers were observed to be abusing several vulnerabilities in the used software applications.
Conclusion
The rapid digitization has made the manufacturing sector a prominent target among cybercriminals. Thus, experts suggest manufacturing organizations have proper patch management and endpoint security solutions. In addition, they are recommended to provide training to employees and have a backup of important data.