By Matt Aldridge, Principal Solutions Consultant, OpenText Cybersecurity
In recent years, companies across every sector have adopted digital strategies that fuel growth and profitability, driving better, more flexible collaboration using the power of technology. While many of these initiatives have had a positive effect on revenue streams, they have also inadvertently led to an increase in cybercriminal activity, as revealed by OpenText Cybersecurity’s latest annual Threat Report, with manufacturing businesses especially at risk.
A broad look at the cyber landscape
The report’s findings confirm that organised cybercrime groups are doubling down on long-standing tactics while using deepfakes, artificial intelligence, and social engineering techniques to evade defences.
2022’s key takeaways are:
- Phishing attacks are getting smarter. Phishing has remained the most frequently used delivery mechanism for ransomware, and attackers are refining their techniques. With email, text, and call centres remaining the primary methods to execute phishing, more attacks weaponise legitimate and trusted services. Over 1 billion spear phishing emails were prevented last year, a year-over-year increase of 16.4%.
- Phishing is also dominating the web. The total number of URLs used for phishing increased by 29.6% between 2021 and 2022. In 2022, three-quarters of new high-risk URLs—URLs that host sites confirmed to be malware, phishing, or exploit sites—were used for phishing.
- Ransomware is adapting and winning. Law enforcement secured several major successes in the ongoing international fight against ransomware gangs. Despite these victories, ransomware remains the most significant cyber threat facing small and midsize organisations. Towards the end of 2022, the average cost of ransomware attacks hit an all-time peak of almost £320,000.
In short, 2022 offered plenty of evidence that cyber security must be top of mind for businesses all around the world.
Manufacturing: a vulnerable space
It is evident that cyber risk is not completely even across differing industries and sizes of business: certain sectors find themselves more exposed to cyber threats than others – amongst them, manufacturing. According to OpenText Cybersecurity threat data, manufacturing organisations have proven to be the
highest hit by infections in 2022, for the second year running. Companies in this sector were found to be a staggering 56% more likely to be hit by infections than the average business. Second in line is information and public administration, with infections rates being 33% and 32% above average, respectively – so manufacturing is significantly more at risk than other sectors, and we expect this to remain the same in coming years.
The reason behind this is simple: manufacturing is extremely vulnerable to ransomware attacks specifically, as it faces higher costs and more serious consequences associated with downtime and production stoppages than businesses in other verticals. Supply chains are complex and interconnected: the smallest issue can cause a devastating ripple effect across the entire business line. Cybercriminals know this all too well and are always eager to exploit manufacturing’s fundamental vulnerability.
Manufacturing organisations are vulnerable to intellectual property theft and to the exposure of other sensitive data. What makes them even more of a target is their lack of network segmentation, combined with the challenging convergence of OT and IT networks, which can allow for multiple entry points into the network and broader lateral movement, while providing more opportunities for the attacker to evade detection.
What can businesses do?
Every organisation needs to take the threat posed by cyberattacks very seriously, considering the dire consequences they can have. More often than not, incidents occur due to something preventable, which is all the more reason to establish strong security practices across every business.
While there is no one-stop-shop, silver-bullet solution when it comes to preventing an attack, embracing a comprehensive cyber resilience strategy can make an attacker’s job a lot more difficult and also improve rebound time following the worst-case scenario.
Overall, we always advocate for the Zero Trust-driven implementation of a cyber resilience framework, which is a great solution for improving security posture and reducing risk. For larger companies, performing detailed risk assessments, establishing an initial security posture with associated controls, processes and procedures, then regularly using third-party audit and penetration testing firms to validate, update and improve is a smart way to build, embed and maintain your security posture.
One advantage that many manufacturing companies have, is the repeatable, consistent nature of their operations. If segments of the network and associated infrastructure are used in a very defined, controlled manner, these can be heavily locked down and carefully monitored for anomalies, giving the advantage back to the defenders.
While cybercriminal techniques are not unique to manufacturing businesses, and their methods are similar across business verticals, what varies is the ability of different types of organisations to respond and the impact caused by the disruption in the aftermath of an attack. As discussed before, manufacturing organisations and businesses relying on supply chains are in a sensitive position in this respect, and as a result, they should have even slicker and more detailed contingency and response plans in place. Similarly, they should also prioritise investments into cybersecurity training, and make these regular and compulsory for all their staff. ✷
