Manufacturing has been experiencing an increase in financially motivated breaches in the past couple of years, but espionage is still a strong motivator. Most breaches involve phishing and the use of stolen credentials.
352 incidents, 87 with confirmed data disclosure
Top 3 Partners
Web Applications, Privilege Misuse, and Cyber-Espionage represent
71% of breaches
External (75%), Internal (30%), Multiple parties (6%), Partner
Financial (68%), Espionage (27%), Grudge (3%), Fun (2%) (breaches)
Credentials (49%), Internal (41%), Secrets (36%) (breaches)
Uncle Owen, this R2 unit has a financial motivator
For the second year in a row, financially motivated attacks outnumber cyber-espionage as the main reason for breaches in Manufacturing, and this year by a more significant percentage (40% difference). If this were in most any other vertical, it would not be worth mentioning as money is the reason for the vast majority of attacks. However, Manufacturing has experienced a higher level of espionage-related breaches than other verticals in the past few years. So, shall we conclude that James Bond and Ethan Hunt15 have finally routed their respective nemeses for good? Are we free to buy the world a Coke and teach it to sing in perfect harmony? Probably not. A more likely explanation is that some of our partners who typically provide data around cyber-espionage were either unable to participate this year or simply happened to work other types of investigations. This may have contributed to a bias on those results, meaning the real percentage of cyber-espionage cases was higher in the wild. If the relative percentage of one type of case goes down, the result is an apparent upswing in the other.