Money, not intellectual property or production disruption, continues to be the No. 1 goal of cybercriminals who breach manufacturers’ digital networks.
The average amount of money stolen through business email attacks was $24,439, according to Verizon’s 2019 Data Breach Investigations Report (DBIR), released in May. The 12th annual DBIR found that financially related attacks outnumbered cyberespionage as the main reason for breaches in manufacturing.
Of the 352 manufacturing incidents recorded — 87 with confirmed data disclosure — 68 percent of those attacks sought financial gain, while 27 percent were espionage related. Both types were generally initiated through phishing, in which attackers use legitimate-seeming email, text or phone messaging to target sensitive personal and operational data.
The report also found that C-level executives are 12 times more likely to be the target of cyberattacks and nine times more likely to be breached.
While cyberattacks are growing more complex, “the majority of breaches come from attackers who are just in it to make a buck,” said Gabe Bassett, senior information security data scientist and report co-author. “They tend to use the easiest path possible.”
Stolen credentials are a key means to gain access for financial attacks, and these credentials can be used to attempt to breach cloud-based services or an organization’s external log-in sites. Even if a company does not lose a login and password, Bassett cautioned, “if one of your employees is using those credentials on that classic cars forum they belong to, they can easily get breached there” — precipitating an attack on your organization.
Intellectual property is less likely to be targeted because it is harder to monetize, Bassett said. Data held on customers and employees is more valuable to attackers. For that reason, he expects ransomware to become a larger challenge.
To thwart attacks, Bassett suggests manufacturers:
- Encourage employees to use password managers to generate unique passwords for all sites they use,
- Implement two-factor authentication for signing on to company systems,
- Curb potential intrusions by giving some employees tablets or similar devices that limit systemwide access, and
- Limit employee access to macro-enabled Office documents.
Bassett advised that manufacturing companies spend wisely to thwart threats they are likelier to face. Financial breaches generally involve only one or two actions by criminals; espionage attacks might require five. Companies can take advantage of economies of scale by investing in security as a service (SECaaS) rather than building a full-size security system.
Often, a single non-malicious error is found to have caused a breach, Bassett added. “Manufacturing systems are built to fail gracefully; security should be built to fail gracefully as well.”
Verizon analyzed 2,013 breaches and 41,686 incidents reported by 73 contributors in 86 countries.