Learn more about the latest ESG updates from the SEC. ...
What were the most common cyber attack patterns in the manufacturing industry in 2023?
In support of Cybersecurity Awareness Month, we are examining reported incidents by industry. The focus of this article will be on manufacturing.
With a fourth industrial revolution upon us, the manufacturing industry is getting smarter by the minute with autonomous systems fueled by intelligent data sets and machine learning capabilities. But new technology breeds new vulnerabilities, creating new entry points for threat actors, such as supplier entities, operational software, Industrial Internet of Things (IIoT) devices and more. This invites opportunities for industry disruption.
So, what were the most common cybersecurity attack methods targeting the manufacturing industry in 2023?
According to the Verizon 2023 Data Breach Investigations Report (Verizon DBIR), 83% of all reported incidents in the manufacturing industry were from system intrusion, social engineering or basic web application attacks.
And external actors with financially driven motives continue to be the biggest thorn in the side of the manufacturing industry, with 90% of the reported incidents carried out by external parties and 96% of them being financially motivated.
For more than two years, system intrusion rates have risen across the manufacturing sector. System intrusion usually takes the form of hacking or malware, with ransomware accounting for the most breaches. But don’t discount Denial of Service (DoS) attacks.
The Verizon DBIR reports that DoS attacks account for 67% of the system intrusion-related attacks on the manufacturing industry. DoS attacks occur when threat actors flood a host or network with traffic until the target can’t respond or crashes altogether.
This can shut down critical manufacturing infrastructure, delaying a company or supplier’s ability to meet production deadlines. CISA recommends enrolling in a DoS protection service and creating a thorough disaster recovery plan that’s familiarized throughout your organization to ensure swift action can be taken to mitigate risk and/or recover in the event of an attack.
With the growing volume of digital infrastructure in the manufacturing industry, it’s more important than ever to secure your digital ecosystem. Although not as prevalent as the system intrusion trend, we continue to see social engineering attacks hitting this industry, tricking people into providing access to sensitive information.
But the good news is there is a lot that can be done to reduce the threat of social engineering attacks, including but not limited to, advanced email filters, penetration testing, network segmentation and user awareness training.
Don’t overlook your website as an entry point for attackers. In June 2015, the American clothing manufacturer, Hanesbrands, Inc., was hit with a website attack that compromised the online and telephone data of more than 900,000 customers.
The attacker pretended to be a guest customer checking on their order, using security gaps in the website design to access the customer database. Mailing addresses, phone numbers and the last four digits of payment cards were exposed in the process. Making sure you have the necessary security plugins and implementing a firewall are critical steps in encrypting and securing web-based communications.
This article is part of a series highlighting the most common cybersecurity incidents by industry and is based on data from the 2023 Verizon DBIR. Additional articles include:
It is important to note that the data referenced is from organizations that chose to disclose incidents and data breaches.
About Cybersecurity Awareness Month
Since 2004, the United States and Congress have recognized October as Cybersecurity Awareness Month to raise awareness about the importance of cybersecurity in the public and private sectors and tribal communities. The year marks the 20th year anniversary of Cybersecurity Awareness Month and this year's campaign, Secure Our World, focuses on four ways to protect yourself, your family and your business from online threats.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.