Manufacturing Sector Leads the Way in Cloud Attacks

Phishing, user account compromise and data theft were the most common security incidents.


Netwrix is offering findings from a recent study of manufacturing IT and security professionals that sheds some light on security concerns that continue to plaque the sector.   

According to the survey, 64 percent of manufacturers suffered a cyberattack during the preceding 12 months, which is similar to organizations overall (68 percent). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85 percent spotted phishing in the cloud, compared to only 58 percent across all verticals.

Additionally, 43 percent faced user account compromise in the cloud, as opposed to 27 percent among all industries. And 25 percent dealt with data theft by hackers in the cloud compared to 15 percent for organizations overall.

“The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one the world’s top meat processing companies.

"Credential compromise or malware deployed via a phishing email is just the beginning of the attack,” says Dirk Schrader, VP of Security Research at Netwrix.

“The attack surface in the cloud is always expanding, so it’s critical for manufacturing companies to adopt a defense-in-depth approach,” adds Ilia Sotnikov, Security Strategist at Netwrix. “First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries.

"They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated.”

More information about the report is available by clicking here.

More in Cybersecurity