Manufacturing has become the most attacked industry sector in the UK, representing almost half (46%) of all cyber-attacks in 2017 – more than double that of attacks on manufacturing across EMEA. The figure is among the findings the 2018 Global Threat Intelligence Report (GTIR) from NTT Security, a specialised security company. The majority of attacks on UK manufacturers came from China, representing 89% of attacks on this sector.
Technology organisations, in second place, were the target of 23 per cent of attacks in the UK, with business and professional services in third place with 10 per cent of attacks. While the finance industry was the most attacked sector worldwide with almost a quarter (23%) of all attacks, up from 14% in 2016, it was fourth in the UK with 8%, followed by government at 5%.
NTT Security analysed data from over 6.1 trillion logs and 150 million attacks for the GTIR, highlighting global and regional threat and attack trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies.
“We’ve seen manufacturing becoming an increasingly attractive target to attackers in recent years and we believe this is for a number of reasons,” explains Jon Heimerl, senior manager of the Threat Intelligence Communication Team, Global Threat intelligence Centre at NTT Security.
“As manufacturers experience the benefits of automation and the emergence of interconnected and intelligent production systems, they are realigning their operational models to take advantage of these technologies. More than 50 per cent of manufacturers have now adopted Industry 4.0 and Smart Manufacturing, the latest phase in the evolution of manufacturing technology. The lines between traditional and digital manufacturing are blurring, where high value manufacturing and advanced technologies are key for global competitiveness. As a result, they have become more attractive to attackers who see them as a prime target for the theft of IP, for the disruption of operations, and for hijacking networks to launch an attack into other organisations. There’s no one thing driving this trend, but a whole host of interconnected reasons.”
China was the number one source of attacks against all sectors in EMEA during 2017. EMEA was the only region in which attacks from U.S. sources fell behind Chinese sources, whereas in 2016 China was the ninth most prominent attack source, accounting for less than 3 per cent of all attacks against EMEA.
Attacks from Chinese sources have escalated to the point that China was a top five attack source in each of the top five most attacked industries in EMEA, and accounted for 67 per cent of all attacks against manufacturing targets across EMEA. China-based hackers have been a source of concern for some time, and in April the UK’s National Cyber Security Centre warned telecoms firms of national security risks from using equipment made by ZTE, a Chinese state-owned firm, with the agency’s technical director, Dr Ian Levy, declaring that the risks “cannot be mitigated”.
According to the GTIR, the majority of these attacks on UK manufacturers were from a known bad source (meaning the activity originated from IP addresses within China previously identified as hostile).
The 2018 Global Threat Intelligence Report (GTIR) gathers data from NTT Security monitoring, management, and incident response operations. It also includes details from NTT Security research sources including global honeypots and sandboxes in over 100 countries in environments independent from institutional infrastructures.
The full NTT Security 2018 GTIR can be downloaded here.