Cyber Threats in Manufacturing Report Show Alarming Cybersecurity Trends in Industry


The latest report by KnowBe4 highlights increasing vulnerabilities and the critical need for enhanced security awareness 

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has released its “Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication” report. The report examines the state of cybersecurity in the manufacturing industry, tactics being deployed by cybercriminals, and what organizations can do to safeguard against them. Manufacturing-Report-US-cover

The manufacturing industry is reportedly the most affected by cyberattacks, accounting for over 25% of all incidents, across the top 10 industries, of which 45% are malware attacks. The industry has become increasingly attractive to cybercriminals in recent years due to its interconnected nature – relying heavily on various elements, from raw materials to transportation; its vulnerability – having a low tolerance for downtime, and valuable intellectual property stored in its databases, which could save competitors millions if obtained.

Some interesting highlights from the report include:

  • Phishing is cited as the top initial infection vector, followed by exploitation of public-facing applications.
  • Asia-Pacific emerged as the prime target for cyberattacks in 2023, accounting for over half (54%) of all reported incidents.
  • Europe followed as the second most targeted region, with 26% of cyberattacks, while North America and Latin America experienced 12% and 5% respectively.
  • An alarming 56% increase in ransomware attacks involving extortion was observed in the industry, highlighting a growing trend in cybercriminal tactics.
  • Manufacturing experienced a 266% rise in information stealing malware being injected into systems, designed to steal logins and other credentials for email, social media and messaging accounts, banking details, etc.
  • The manufacturing industry faced a dramatic 88% surge in average ransom payments, reaching nearly $2.4 million in the last year.
  • According to KnowBe4’s 2024 Phishing by Industry Benchmarking Report, small manufacturing organizations fared well against the baseline of 34%. With no security training, the Phish-proneTM Percentage of these organizations with less than 250 employees was 27.9%, well below average. In companies with more than 1,000 employees, the opposite was true – with no security training, 37.5% of employees tested clicked on a bad link in a phishing email. This means that cybercriminals have a chance of successfully phishing almost 4 out of 10 employees in the manufacturing industry.

"Manufacturing's growing reliance on IT and OT systems, coupled with the increasing globalization of supply chains, has both increased the industry’s vulnerability and its attractiveness to threat actors," says Sjouwerman, CEO of KnowBe4. "As we navigate these challenges, it is becoming clear that increasing awareness and providing robust training to recognize and prevent phishing and social engineering attempts is no longer just best practice – it is critical. These efforts are essential not only for individual organizations, but for maintaining stability across the global manufacturing industry and ensuring the uninterrupted flow of goods to consumers and businesses worldwide."

The report features examples of recent attacks across North America, Europe, Asia and Oceania. The “Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication” report serves as a wake-up call for the industry. As cyber threats continue to evolve, so must our defenses.

To download a copy of KnowBe4’s Manufacturing Report, click here.

About KnowBe4

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 70,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Get the latest about social engineering

Subscribe to CyberheistNews