Manufacturing most cyber-attacked industry in Ireland

GTIR reveals that threat actors are innovating faster than ever before. Developing multi-function attack tools and using artificial intelligence (AI) and machine learning capabilities, attackers are investing in automation techniques; 21% of attacks globally were in the form of a vulnerability scanner. Despite efforts to layer up their defences, many organisations are unable to stay ahead of attackers, while others are struggling to do the basics like patching old vulnerabilities.

Manufacturing regularly appears as one of the most attacked industries globally. Most commonly linked to intellectual property (IP) theft, it increasingly faces financially motivated data breaches, global supply chain risks and risks from unpatched vulnerabilities. The UK was the only country (apart from Hong Kong) this year where Manufacturing topped the list of most attacked sectors, representing 29% of all attacks, with Technology (19%) second and Business and Professional Services (17%) third. Government and Finance made up the other two sectors in the top five.

Reconnaissance attacks accounted for half of all hostile activity in the UK and Ireland, with web application the next most common form of attack (22%). Reconnaissance activity (60%) was also the most common attack type against manufacturers followed by web application attacks (36%).

While for many years, the manufacturing environment seemed to slip under the radar of cyber criminals, it should come as no surprise that it is now one of the main targets. Ever increasing connectivity, combined with a sometimes lackadaisical attitude towards cyber security, means manufacturing is well and truly in in the spotlight when it comes to cyber crime.

As Rory Duncan, Security Go-to-Market Leader, NTT, comments: “UK manufacturing has become a major target for attackers in recent years as a result of the increased risks brought about from the convergence of IT and Operational Technology (OT). The biggest worry is that security has lagged behind in this sector, potentially exposing systems and processes to attack. Poor OT security is a legacy issue; many systems were designed with efficiency, throughput and regulatory compliance in mind rather than security. In the past, OT also relied on a form of ‘security through obscurity’. The protocols, formats and interfaces in these systems were often complex and proprietary and different from those in IT systems, so it was difficult for attackers to mount a successful attack. As more and more systems come online, hackers are innovating and see these systems as ripe for attack.”

All this means that the manufacturing sector must treat cyber security with the utmost importance. Businesses need to educate themselves about the risks and ensure they have cyber-resilient culture right from the bottom to the top, employing defence-in-depth models and ensuring cyber security is a top priority.

Charlotte Stonestreet

Managing Editor

[email protected]