Cyber-attacks were up by a quarter in Q2 2017, with manufacturers bearing the brunt and phishing emails the most popular threat vector, according to NTT Security.
The managed security giant claimed that there was a 24% increase in attacks on its global customer base in the period of April to June, with a third (34%) of all attacks targeting manufacturers.
In fact, these organizations were among the top three targeted in five out of the six global regions covered by the study, according to the firm’s Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence Report.
In terms of attack types, 'reconnaissance' (33%) dominated the manufacturing threat landscape in the period, followed by brute-force attacks (22%) and regular malware (9%).
Public-facing Microsoft SQL (MSSQL) servers were popular targets for brute-forcing during the period, according to the report.
“The motivations for these attacks are often criminal in nature, including extortion via ransomware, industrial espionage, and theft of data such as account numbers,” explained Jon Heimerl, manager of NTT Security’s Threat Intelligence Communication Team.
“What poses an even greater problem is that when these breaches are successful, yet go undetected, they allow hackers to establish footholds in organizations’ networks where they have free reign to wreak havoc over extended periods.”
The problem is compounded by the fact that over a third (37%) of manufactures polled recently by NTT Security claimed they don’t have an incident response plan in place.
“This is very concerning as manufacturers’ IT security liabilities often impacted not just the manufacturing organizations, but suppliers, as well as related industries and consumers,” said Heimerl.
In general, the popularity of phishing emails to harvest information and spread malware only appears to be growing: over two-thirds (67%) of attacks came in the form of just such a threat.
The tactic of embedding malicious VBA macros into documents sent via phishing emails was particularly popular among cyber-criminals, according to NTT Security.
The data supports the findings of other recent reports.
Verizon claimed in its Data Breach Investigations Report 2017 that phishing was a component in 21% of attacks last year, up from just 8% in the previous reporting period.