The demand for cybersecurity will certainly rise as a new report by NTT Security sheds some light into growth in cyber threats. NTT Security’s Global Threat Intelligence Center (GTIC) released their quarterly threat intelligence report for the 2nd quarter of 2017, revealing some interesting information regarding the ever-expanding cyber landscape. These quarterly reports produced by NTT Security, a NTT Group company, helps security companies locate the rising threats and thus form plans to keep in step to block the hackers, rather than falling prey to them.
The report is interesting for two reasons. The first is that over the quarter, NTT Security has seen increased attacks on customers of 24%. The second interesting report is that attacks on manufacturers has rose 34%. Regarding the importance of adequately utilizing this information, Jon Heimerl, the Manager of the Threat Intelligence Communication Team said, “Our Global Threat Intelligence Centers are constantly monitoring cyber activities on a global scale and providing us with great insight as to which industries cybercriminals are targeting, why they’re targeting these areas, and how they may do so moving forward. This latest GTIC 2017 Q2 Threat Intelligence Report documents that hackers continue to target the manufacturing sector, which should be a red flag for CISOs across this market segment.”
The manufacturing sector is a surprising aspect of the NTT Security report. Attacks on the manufacturing industry have risen by 34%. One of the reasons for this could be that it’s an industry that hasn’t experienced many cyber threats before, and is therefore more vulnerable. Also, manufacturers can possess extremely valuable information, such as account numbers. Hackers used espionage and extortion through ransomware, and, because manufacturers are more vulnerable, it can often be weeks or months before they realize that any data has been stolen. A recent survey showed that up to 37% of manufacturers don’t have a response plan set for such disasters. This lack of security should concern more than just the manufacturers. The chain reaction of these cyber crimes affects the manufacturer’s suppliers and anyone doing business with the company.
Three different types of attacks were commonly used on the manufacturers, reconnaissance, brute force and malware.
- Reconnaissance, which claimed 33% of the attacks, is when the hacker uses an available scanning tool to investigate the system of the targeted manufacturer. After finding the vulnerable ports, the hacker is able to steal the data.
- Brute force claimed 22% of the attacks. Unlike reconnaissance, which strategically locates vulnerable ports, brute force is where the hacker, through laborious effort, cracks through passwords and encrypted data through trial and error. Microsoft’s SQL server was a victim of these attempts.
- The final method, malware, claimed just 9% of the attacks. The malware software that was used to hack the manufacture systems were often trojans. In fact 86% of the malware attacks were trojan attacks. Trojans create a portal for access to the manufacturer’s internal infrastructure, allowing the hackers to continue to install more malware at later dates.
The initial location of these attacks has varied greatly over the years. However, in the most recent quarter, France is currently where the majority of the attacks have been traced to, with 47% of the attacks have been located as coming from France.
While this data from the NTT Security report is processed, companies within the manufacturing sector should be considering new and more robust cybersecurity methodologies. These should certainly include disaster management and recovery systems at a bare minimum.