The manufacturing sector experiences more attacks in the cloud than any other industry

Phishing, user account compromise and data theft were the most common security incidents in the cloud for manufacturing companies in 2023.

  • 9 months ago Posted in

Netwrix has revealed additional findings for the manufacturing sector from its survey of 1,610 IT and security professionals across more than 100 countries.

According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organisations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organisations overall.

“The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organisations, as happened to one the world’s top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack,” says Dirk Schrader, VP of Security Research at Netwrix.

“The attack surface in the cloud is always expanding, so it’s critical for manufacturing companies to adopt a defense-in-depth approach,” adds Ilia Sotnikov, Security Strategist at Netwrix. “First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimise the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated.”

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...