Industrial sectors have been facing a hard hit by ransomware gangs in recent years, with manufacturing companies being exposed to a higher risk. U.S organisations have particularly succumbed to cyberattacks as they experience large spikes.
According to the industrial cybersecurity firm Dragos, 25 of the 48 threat groups known to target industrial organizations and infrastructure were active in the third quarter of 2022. Several new ransomware groups including Sparta Blog, Bianlian, Donuts, Onyx, and Yanluowang are among those on the list.
As per Dragos Q3 analysis regarding the ransomware attacks on industrial organizations, North America was the site of 36% of all reported cases worldwide, with 46 incidents being reported. This represents a significant 10% increase from the previous quarter when the region was hit by 25% of cases.
On the other hand, the analysis also detected that the rate of attacks at a global level remained flat quarter over quarter, with 128 incidents for Q3 vs 125 in Q2.
Most of the observed attacks were targeted at the manufacturing sectors, totaling 68%. Out of the confirmed attacks (those publicly reported, seen in the firm's telemetry, or confirmed on the Dark Web), 88 were against the manufacturing segments, especially those producing metal products, which experienced a total of 12 attacks.
As indicated by Stephen Banda, senior manager of security solutions of Lookout, the manufacturing sector is developing at a swift pace, digitizing manufacturing, inventory tracking, operations, and maintenance increase agility and efficiency, with less production downtime and greater nimbleness. However, it also opens up new attack surfaces for threat actors.
“To remain competitive, manufacturers are investing in intellectual property and new technologies like digital twins […] In short, manufacturers are transforming the way they produce and deliver goods – moving toward industrial automation and the flexible factory. This transformation, known as Industry 4.0, puts pressure on mobile devices and cloud solutions.” States Stephen Banda to Dark Reading. Yet for most manufacturers, security solutions still remain on-premises, he adds.
“This creates efficacy and scalability challenges when tasked with protecting productivity solutions that have moved to the cloud[…]Security therefore must also move to the cloud to adequately safeguard manufacturing operations,” notes the Lookout senior manager.
