Manufacturing becomes most cyber-attacked industry

New research shows that manufacturing replaced financial services as the most attacked industry by cyber criminals in 2021, with perpetrators attracted by manufacturers’ low tolerance for downtime.

According to figures compiled by IBM, the manufacturing sector was by far the most attacked industry in Europe in 2021, making up 1 in 4 of all recorded cyber attacks. The UK, Italy and Germany topped the charts as the most-attacked countries.

Ransomware was the most common type of attack, with criminals mostly finding their way into manufacturing operations by exploiting unpatched and vulnerable software (47 per cent) or through phishing attacks (40 per cent). Less common ways in included targeting removable media such as pen drives (7 per cent) and using stolen credentials (3 per cent).

Many manufacturers also fell victim to other types of attack such as business email compromise, whereby attackers capitalise on supplier relationships by redirecting payments between partners to accounts under their control.

IBM warned that criminals were increasingly attracted to manufacturers because they were more likely to bow to ransoms to get operations back online quickly, as well as the potential to target victims’ extended business partners in the supply chain:

“Threat actors understand the critical role manufacturing [companies] play in global supply chains and are seeking to disrupt these organisations because of the ripple effect it can have across multiple industries and the pressure these multiplying effects create for victims to pay a ransom.

“Ransomware actors in particular find manufacturing to be an attractive target, likely due to these organisations’ low tolerance for downtime.”

Commenting on the prevalence of ransom attacks achieved through vulnerability exploitation, Charles Henderson, Head of IBM’s Security X-Force, said:

"Businesses should recognise that vulnerabilities are holding them in a deadlock – as ransomware actors use that to their advantage. Instead of operating under the assumption that every vulnerability in their environment has been patched, businesses should operate under an assumption of compromise, and enhance their vulnerability management with a zero trust strategy.”

Although vulnerability exploitation was the most common way in for attackers in 2021, IBM added that manufacturers should devote an equal amount of effort to combating phishing threats as well as patching vulnerabilities and keeping software up-to-date.

Microsoft, Apple and Google were the top three brands criminals attempted to mimic in phishing emails in 2021. Targeted phishing campaigns that use phone calls (known as ‘voice phishing’ or ‘vishing’) are also becoming more common because they are three times more effective at getting victims to click on a malicious link.

Visit our Cyber Security Guide for more guidance on cyber security best practice. SMEs in Greater Manchester can also access funded cyber crime training backed by Greater Manchester Police through the Cyber Resilience Centre for the North West.