As the manufacturing sector is moving towards automation and using software-centric and IoT technologies, cybercriminals see a larger attack surface to target to gain access inside the networks of manufacturing organizations. Recently, Palfinger, a well-known crane and lifting manufacturer, has been targeted in a major cyberattack.
- In recent months, several manufacturing organizations have been targeted, including A10 Networks, Prusa Research, National Detergent Company, BEXIMCO, Qiui, Dassault Aviation, and NameSouth.
- The cyberattacks were found to be mostly focused on manufacturing organizations located in North America, followed by some attacks in Western and Southern Asia.
- The IoT industry has been heavily affected by these attacks, along with automobile and aircraft manufacturers.
In a recent Data Breach Investigations Report by Verizon, it was noted that:
- around 73% of cyberattacks against the manufacturing sector were motivated by financial reasons, while the remaining involved espionage.
- about 75% of attacks involved external forces while internal threats accounted for the remaining 25% of attacks.
- Ransomware attacks are still prominent and targeting major manufacturing organizations. The ChastityLock, Ragnar Locker, and NetWalker ransomware groups are found to be active.
- Some of the major infection vectors used in recent cyberattacks include phishing, data theft, ransomware extortion, and unauthorized access.
- In addition, the attackers were observed to be abusing several vulnerabilities in the used software applications.
The rapid digitization has made the manufacturing sector a prominent target among cybercriminals. Thus, experts suggest manufacturing organizations have proper patch management and endpoint security solutions. In addition, they are recommended to provide training to employees and have a backup of important data.