UK manufacturing is top target for cyber attackers – NTT Security 2018 Global Threat Intelligence Report
May 2018 by NTT SECURITY
Manufacturing has become the most attacked industry sector in the UK, representing almost half (46 per cent) of all cyber attacks in 2017 – more than double that of attacks on manufacturing across EMEA. This is according to the 2018 Global Threat Intelligence Report (GTIR) from NTT Security, the specialised security company and centre of excellence in security for NTT Group. The majority of attacks on UK manufacturers came from China, representing 89 per cent of attacks on this sector.
Technology organisations, in second place, were the target of 23 per cent of attacks in the UK, with business and professional services in third place with 10 per cent of attacks. While the finance industry was the most attacked sector worldwide with almost a quarter (23 percent) of all attacks, up from 14 per cent in 2016, it was fourth in the UK with 8 per cent, followed by government at 5 per cent.
NTT Security analysed data from over 6.1 trillion logs and 150 million attacks for the GTIR, highlighting global and regional threat and attack trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies. “We’ve seen manufacturing becoming an increasingly attractive target to attackers in recent years and we believe this is for a number of reasons,” explains Jon Heimerl, senior manager of the Threat Intelligence Communication Team, Global Threat intelligence Center at NTT Security.
“As manufacturers experience the benefits of automation and the emergence of interconnected and intelligent production systems, they are realigning their operational models to take advantage of these technologies. More than 50 per cent of manufacturers have now adopted Industry 4.0 and Smart Manufacturing, the latest phase in the evolution of manufacturing technology. The lines between traditional and digital manufacturing are blurring, where high value manufacturing and advanced technologies are key for global competitiveness. As a result, they have become more attractive to attackers who see them as a prime target for the theft of IP, for the disruption of operations, and for hijacking networks to launch an attack into other organisations. There’s no one thing driving this trend, but a whole host of interconnected reasons.”
China the number one attack source
China was the number one source of attacks against all sectors in EMEA during 2017. EMEA was the only region in which attacks from U.S. sources fell behind Chinese sources, whereas in 2016 China was the ninth most prominent attack source, accounting for less than 3 per cent of all attacks against EMEA.
Attacks from Chinese sources have escalated to the point that China was a top five attack source in each of the top five most attacked industries in EMEA, and accounted for 67 per cent of all attacks against manufacturing targets across EMEA. According to the GTIR, the majority of these attacks on UK manufacturers were from a known bad source (meaning the activity originated from IP addresses within China previously identified as hostile).
The 2018 Global Threat Intelligence Report (GTIR) gathers data from NTT Security monitoring, management, and incident response operations. It also includes details from NTT Security research sources including global honeypots and sandboxes in over 100 countries in environments independent from institutional infrastructures.