Home>Security>Cyber Crime>UK manufacturing “most attacked industry” as cyber criminals capitalise on pandemic
Home>Security>IT Security >UK manufacturing “most attacked industry” as cyber criminals capitalise on pandemic
Home>Security Matters>Security Matters>UK manufacturing “most attacked industry” as cyber criminals capitalise on pandemic

UK manufacturing “most attacked industry” as cyber criminals capitalise on pandemic

03 June 2020

CYBER CRIMINALS are evolving their particular ‘craft’ with new innovations and increasingly automating their attacks. This is one of the key findings of the 2020 Global Threat Intelligence Report just issued by NTT.

Manufacturing has become the most attacked sector, representing almost a third of all attacks, while the technology industry was the most attacked sector globally. The Global Threat Intelligence Report also highlights the importance of cyber resilience and the philosophy of Security by Design as cyber criminals look to gain from the COVID-19 pandemic.

A comprehensive view of the threats impacting businesses in the EMEA, the Americas and the Asia Pacific region, as well as emerging trends across different industries, the Global Threat Intelligence Report reveals that threat actors are innovating faster than ever before. Developing multi-function attack tools and using Artificial Intelligence and machine learning capabilities, attackers are investing in automation techniques.

It emerges that 21% of attacks globally were in the form of a vulnerability scanner. Despite efforts to layer up their defences, many organisations are unable to stay ahead of the attackers, while others are struggling to do the basics like patching old vulnerabilities.

Intellectual Property theft

Manufacturing regularly appears as one of the most attacked industries on the global stage. With cyber crime in this domain most commonly linked to Intellectual Property theft, the sector increasingly faces the threat of financially motivated data breaches, global supply chain risks and risks from unpatched vulnerabilities.

The UK was the only country (aside from Hong Kong) this year where manufacturing topped the list of the most attacked sectors, representing 29% of all attacks. Technology (at 19%) is second and business and professional services (17%) third. Government and finance made up the other two sectors in the Top Five.

Reconnaissance attacks accounted for half of all hostile activity in the UK and Ireland, with web application the next most common form of attack (22%). Reconnaissance activity (60%) was also the most common attack type against manufacturers followed by web application attacks (36%).

Rory Duncan, security go-to-market leader at NTT, commented: “UK manufacturing has become a major target for attackers in recent years as a result of the increased risks brought about from the convergence of IT and Operational Technology (OT). The biggest worry is that security has lagged behind in this sector, potentially exposing systems and processes to attack. Poor OT security is a legacy issue. Many systems were designed with efficiency, throughput and regulatory compliance in mind rather than security. In the past, OT also relied on a form of ‘security through obscurity’. The protocols, formats and interfaces in these systems were often complex and proprietary and different from those in IT systems, so it was pretty difficult for cyber criminals to mount a successful attack. As more and more systems come online, though, the hackers are innovating and now see these systems as being ripe for attack.”

Duncan added: “Now more than ever, it’s critical for all organisations, regardless of their sector or region, to pay attention to the security that enables their business and make sure they’re cyber-resilient and Secure by Design. In essence, this means embedding privacy and security into the fabric of their enterprise architecture and organisational culture. The current global pandemic and the flow of trusted and untrusted information used to mask the activities of cyber criminals has shown us that they will take advantage of any situation. Organisations must be ready to respond to these and other threats in what is a constantly evolving landscape.”

Year of enforcement

The 2020 Global Threat Intelligence Report refers to last year the ‘year of enforcement’ with the number of Governance, Risk and Compliance initiatives growing, in turn creating a challenging global regulatory landscape.

Several acts and laws now influence how organisations handle data and privacy, among them the General Data Protection Regulation, which itself has set a high standard for the rest of the world. The report provides organisations with recommendations to help navigate compliance complexity, including identifying acceptable risk levels, building cyber resilience capabilities and implementing solutions that are Secure by Design.

The 2020 Global Threat Intelligence Report – the eighth annual report in the NTT series, in fact – analyses and summarises trends based on log, event, attack, incident and vulnerability data from trillions of logs and billions of attacks.

To learn more about how this year’s Global Threat Intelligence Report offers organisations a robust framework to address today’s cyber threat landscape, and to find out more detail around the emerging trends across different industries and regions, access the NTT website.

Global highlights

*Most common attack types accounted for 88% of attacks: application-specific (33%), web application (22%), reconnaissance (14%), DoS/DDoS (14%) and network manipulation (5%) attacks

*Weaponisation of the Internet of Things (IoT): Botnets like Mirai, IoTroop and Echobot have advanced in automation, improving propagation capabilities. Mirai and IoTroop are also known for spreading through IoT attacks, then propagating through scanning and subsequent infection from identified hosts

*Old vulnerabilities remain an active target: Attackers leveraged those that are several years old, but have not been patched by organisations, such as HeartBleed, which helped make OpenSSL the second most targeted software with 19% of attacks globally. A total of 258 new vulnerabilities were identified in Apache frameworks and software over the past two years, making Apache the third most targeted in 2019 (accounting for over 15% of all attacks observed)

*Attacks on Content Management Systems (CMS) accounted for about 20% of all attacks: Targeting popular CMS platforms like WordPress, Joomla!, Drupal and noneCMS, cyber criminals used them as a route into businesses to steal valuable data and launch additional attacks