KnowBe4 recently unveiled its Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication report. It examines the state of cybersecurity in the manufacturing industry, tactics being deployed by cybercriminals, and what organizations can do to safeguard against them. Highlights from the report include:
- Manufacturing is reportedly the most affected by cyber attacks, accounting for over 25 percent of all incidents across the top 10 industries, of which 45 percent are malware attacks.
- Phishing is cited as the top initial infection vector, followed by exploitation of public-facing applications.
- Asia-Pacific emerged as the prime target for cyber attacks in 2023, accounting for over half (54 percent) of all reported incidents. Europe followed as the second most targeted region, with 26 percent of cyber attacks, while North America and Latin America experienced 12 percent and five percent respectively.
- There was a 56 percent increase in ransomware attacks.
- Manufacturing experienced a 266 percent rise in malware being injected into systems, with the goal of stealing logins and other credentials for email, social media and messaging accounts, banking details, etc.
- Manufacturing faced an 88 percent surge in average ransom payments, reaching nearly $2.4 million in the last year.
- According to KnowBe4’s 2024 Phishing by Industry Benchmarking Report, small manufacturing organizations fared well against the baseline (34 percent) of those who clicked on a bad link in a phishing email. With no security training, the Phish-prone Percentage of organizations with less than 250 employees was 27.9 percent. In companies with more than 1,000 employees, and with no security training, 37.5 percent of employees tested clicked on a bad link.
- This means that cybercriminals have a chance of successfully phishing almost four out of 10 employees in the manufacturing industry.
"Manufacturing's growing reliance on IT and OT systems, coupled with the increasing globalization of supply chains, has both increased the industry’s vulnerability and its attractiveness to threat actors," says Sjouwerman, CEO of KnowBe4. "As we navigate these challenges, it is becoming clear that increasing awareness and providing robust training to recognize and prevent phishing and social engineering attempts is no longer just best practice – it is critical.
To download a copy of KnowBe4’s Manufacturing Report, click here.