As we quickly approach a new year, business leaders will not escape the head-pounding concerns of business disruption. Industries will continue with digital transformation and other process innovations. However, as your organization becomes increasingly dependent on integration and cloud technologies, you also expand your attack surface.
The increase in avoidable loss events has become a board-level issue. Security breaches are rising; cyber incident losses put security at the forefront of business decisions. As reported incidents are likely to increase in 2022, increasing numbers of stakeholders take notice.
Are cybersecurity threats increasing?
Cybersecurity threats continually evolve, forcing companies to integrate platforms and processes to ward off cybercrime. Despite the pressing need for comprehensive security defenses, many organizations struggle to keep pace with emergent hacking methods and adapt to the shifting cyber-attack landscape.
Cybercriminals continuously develop strategies for infiltrating private networks, stealing sensitive data, and bringing critical infrastructure to a grinding halt. Researchers disclosed that 85% of breaches involve a human element. As a result, organizations have had to create flexible cybersecurity programs that can be adjusted when new risks are detected.
Threats to your cybersecurity change over time, so stakeholders need to review their effectiveness regularly. According to research from Verizon, the top three resources used in breaches are servers, people, and user devices (desktops, laptops, mobile phones).
How will this change or remain the same in the coming year?
Four Categories of Users
The four categories of users and their behaviors present different values to attackers and exposure to organizations. The Proofpoint 2021 Human Factor report user definitions help pinpoint staff in need of additional support.
High-privilege users who are susceptible to phishing lures are breaches waiting to happen. A high-privilege user doesn’t always have a high-profile job. Junior human resources, facilities, and administrative employees can have a dangerous level of access to information and systems.
Highly attacked users who are susceptible to threat events represent easy wins for attackers. A successful attack may give the threat actor a foothold to move on to users with access to more valuable data, systems, and resources.
The exposure posed by high-privilege and highly targeted users can be reduced by improving controls, security awareness training, and good digital hygiene.
Users with high levels of all three factors are highly probable loss events. They should become an urgent focus and security priority.
Three biggest cybersecurity threats to manufacturing
Each sector contains lucrative targets for modern cybercriminals. Cybercrime is a universal problem across industries, so the steps to prevent and respond to cyberattacks will vary based on the networking environment, data storage architecture, and other industry-specific factors.
As manufacturing is considered one of the most vulnerable sectors in terms of cyber attacks, here is a list of the biggest threats to cybersecurity for companies in the manufacturing industry.
According to the Verizon 2021 report, ransomware played an increased role in Malware associated breaches (61.2%) in manufacturers during 2021 versus previous years. This increase in manufacturing is likely attributable to the continued rise of ransomware actors’ name and shame extortion tactics. During these breaches, the compromised data was also rendered inaccessible in place.
Personal information was the most compromised data type in manufacturing, possibly related to increased automation and ease of attack. This data type overtook Credentials, thus breaking the statistical tie documented last year. Actors are achieving their final goals since credentials breaches happen naturally as an attacker moves within an environment.
As opposed to breaches discussed above, the number of ransomware-related Malware incidents also saw a sharp increase from last year, overtaking both DoS and Phishing as the most common varieties of attacks.
The top patterns of attacks in 2021 across the manufacturing industry are system intrusion, social engineering, and basic web application attacks.
1. System Intrusion
System Intrusion captures the complex attacks that leverage Malware and/or Hacking to achieve their objectives, including deploying ransomware.
This new pattern consists of more complex attacks, typically involving numerous steps. Most of these attacks involve Malware (70%), usually of the Ransomware variety and the Magecart attack type used to target payment card data in web applications. Hacking (40%) also appears in many attacks and often uses stolen credentials or Brute force attacks
2. Social Engineering
Social Engineering is to psychologically compromise a person into altering their behavior to take action or breach confidentiality.
Phishing is responsible for most breaches in the social engineering category, with cloud-based email servers being a target of choice. Business Email Compromises (BECs) were the second most common form of social engineering.
This attack scenario reflects the significant rise of Misrepresentation, which was 15 times higher than in 2020 with social incidents. Additionally, social engineering attacks often result in the loss of credentials. This pattern saw those stolen credentials used in both Hacking and Malware attacks.
3. Basic Web Application Attacks
Basic web application attacks are those with few steps or additional actions after the initial web-application compromise.
The cyberattacks focus on direct objectives, ranging from gaining access to email and web application data to repurposing the web app for malware distribution, defacement, or future DDoS attacks.
Are you prepared?
What are the cybersecurity threats in 2022?
To provide deeper context into the coming year, FireEye posted their 2022 threat predictions, and these trends are no surprise.
- Targeting executives through social media
- Nation-states outsourcing to cybercriminals
- Market expansion of self-reliant cybercrime groups
- Increasing numbers of less-skilled operators expanding the demand for ransomware developers
- Cloud application programming interface (API) exploitation of 5G and IoT traffic
- The exploitation of cloud application containers
- Increased speed in which criminals repurpose unpatched exploits
Being financially motivated, attackers profit from their victims. The profitability of each breach will vary based upon the level of disruption and losses the victim organization faces. Ransom payments, therefore, fluctuate based upon how eager and willing any organization is to negotiate.
Are you keeping pace or lagging?
In a PwC 2022 global insights survey, encouraging progress is underway. Four out of ten organizations report improvement on four fronts in the past two years. The four areas and percentage of people improving are listed below.
Instilling a culture of cybersecurity.
- 46% – Increased engagement of CEO in cybersecurity matters
- 43% – Increased employee report rate on phishing tests
Cyber risk management.
- 43% – Increased number of cyber and privacy assessments before project implementation
- 43% – Improved management of security policy exceptions
Communications between management and board.
- 43% – Increased amount of time allotted for discussion of cybersecurity at board meetings
- 42% – Increased assessment of board understanding of cyber matters
Aligning cyber with overall business goals.
- 42% – Increased alignment of cyber strategy to business strategy
- 41% – Increased percentage of overall risk remediation completed by proposed deadlines from the security team
What progress will your company make in the next two years?
Improving cybersecurity in manufacturing
The manufacturing industry faces some of the biggest threats to cyber security presently known to researchers, which is why business leaders must prioritize cyber risk and adaptable security defenses. There is no shortage of hacking methods that can cause significant disruption and financial losses from ransomware attacks to cloud security issues.
Influential companies have a cybersecurity culture of expected secure behaviors driven by an organization’s values, attitudes, and beliefs. These characteristics are visible at the executive leadership, division, department, and individual levels. This mindset influences how employees prioritize, interpret, learn about, and practice cybersecurity.
Developing a multi-pronged strategy is essential to mitigating cybersecurity threats, but finding the right balance of technology and policy-based controls can be difficult. That’s where Certitude Security can help.
We utilize a multi-stakeholder shared purpose approach to streamline team effectiveness. Once business and IT management know that we focus on helping the team and not displacing them or harming their reputation, output improves. Shared understanding is a force multiplier that allows for higher-value conversations, information exchange, and actionable insights.
As a proud supporter of American companies, Certitude Security® is working diligently to inform leaders and facilitate essential asset protection priorities for manufacturers and supply chains throughout the United States.
Problem discussions can be a defining moment in your career. If you are interested in value creation, learn about SPOT-Beam™ by Certitude Security®. We look forward to helping you and your business succeed!