The manufacturing sector experiences more attacks in the cloud than any other industry

Phishing, user account compromise and data theft were the most common security incidents in the cloud for manufacturing companies in 2023.

  • 9 months ago Posted in

Netwrix has revealed additional findings for the manufacturing sector from its survey of 1,610 IT and security professionals across more than 100 countries.

According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organisations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organisations overall.

“The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organisations, as happened to one the world’s top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack,” says Dirk Schrader, VP of Security Research at Netwrix.

“The attack surface in the cloud is always expanding, so it’s critical for manufacturing companies to adopt a defense-in-depth approach,” adds Ilia Sotnikov, Security Strategist at Netwrix. “First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimise the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated.”

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...