SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Trustwave reveals cybersecurity risks in manufacturing in new study
Thu, 7th Dec 2023

Trustwave, a cybersecurity and managed security services provider, has launched new research that exposes the distinct cybersecurity threats and risks facing the manufacturing industry and provides actionable mitigation strategies. The study, titled "2023 Manufacturing Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies", is amplified with practical insights to boost defences in the manufacturing sector.

The investigation, conducted by Trustwave SpiderLabs, has noted the tactics, techniques, and procedures utilised by threat groups in their attack flow. Persistent threats ranged from email-borne malware to exploitation of server message block (SMB) and distributed component object model (DCOM) protocols for lateral movement, creating substantial risks for the manufacturing sector.

In the present era of rapid technological advancement and interconnected systems, the manufacturing industry is undergoing a digital revolution to facilitate impressive efficiency and productivity levels. However, this evolution also carries significant cybersecurity risks. Cyberattacks can halt production lines, leading to significant financial losses that can run into thousands of dollars per minute, going against the manufacturing industry's primary objective of augmenting profitability.

Trustwave's Chief Information Security Officer, Kory Daniels, said, "The digital transformation sweeping the manufacturing industry has led to convergence of operational technology (OT) and information technology (IT) business environments, effectively broadening the potential attack surface for cyber threat actors and ransomware.” He added, "Our latest threat briefing is a valuable resource for cyber defenders in formulating thorough security strategies that strengthen resilience, continuously assess risks of critical infrastructure, and enable the continuity of essential operations."

The Trustwave SpiderLabs report examines threat groups and their methods across the attack cycle, from the preliminary foothold to exfiltration. Some noteworthy findings in the report indicate that LockBit, the threat group, was responsible for 36 per cent of ransomware incidents directed at the manufacturing sector. Furthermore, 45 per cent of all reported incidents in manufacturing were attributed to Credential Access, while 72 percent of malicious email attachment types sent to manufacturers were HTML attachments.

Trustwave has emerged as a globally recognised authority on cybersecurity, committed to reducing cyber risk and protecting organisations from disruptive and harmful cyber threats. With the rise of inevitable cyber-attacks, Trustwave aims to decrease the likelihood of attacks and minimise potential impact by employing world-class security consultants, threat hunters, and researchers, as well as leveraging its market-leading security operations platform.