Cyber criminals targeting UK manufacturing industry in 2024
The manufacturing industry was one of the top sectors targeted by cyber criminals through the course of 2023, representing 20% of all cyber extortion attacks in the year. This is a 42% increase over 2022, and 17% more than that second-most targeted industry professional, scientific and technical services.
These figures reveal that manufacturing is now one of the most attractive targets for cyber attackers seeking financial gain, given its role as the backbone of economies, pivotal to the production of essential goods and services. Manufacturing is also becoming more digital with the introduction of smart technologies (e.g. internet of things), data analytics and AI-driven automation. This presents a much wider attack surface for cyber criminals to exploit.
For the manufacturing industry in the UK in 2024, the cyber security threat landscape is likely to evolve with both existing and emerging challenges. Here, we make key predictions of what to be aware of.
Increased targeting by cyber criminals
As manufacturing becomes more digital, it will continue to be an attractive target. This includes threats from ransomware, phishing and advanced persistent threats (APTs) targeting industrial control systems. Cyber extortion attacks will continue to plague the industry, targeting those manufacturers with vulnerable people, processes and systems.
Supply chain vulnerabilities
Cyber security in the supply chain will become a significant concern. Attackers may target less secure elements in the supply chain to gain access to larger, more secure manufacturers. According to the National Cyber Security Centre, the UK and US intelligence services have raised numerous warnings over the last few years, specifically calling out nation-state actors targeting vulnerable players in the supply chain.
IoT and IIoT security risks
The proliferation of internet of things (IoT) and industrial internet of things (IIoT) devices in manufacturing plants presents new vulnerabilities. These devices often lack robust security features, making them prime targets for exploitation, particularly if these devices are accessible via the internet. Building and maintaining secure system architecture should be one of the top priorities for manufacturing companies.
Rise in insider threats
Insider threats, either unintentional or malicious, will pose a significant risk. This can include employees inadvertently compromising security or intentionally stealing data or intellectual property.
Increased regulatory and compliance pressures
The UK continues to review and update regulations and strengthen existing ones to enhance cyber security and data privacy, in critical industries like manufacturing.
AI and machine learning in cyber security
The use of AI and machine learning tools will increase in both cyber defence and cyber attack strategies. Manufacturers must adopt advanced cyber security solutions to detect and respond to sophisticated threats.
5G implementation
As 5G technology becomes more prevalent, it will enable faster and more efficient manufacturing processes. However, it will also introduce new security challenges due to the increased connectivity and data volume.
Focus on employee training and awareness
Companies will invest more in training their people to recognise and respond to cyber threats, as human error remains a significant vulnerability.
Improving cyber security
UK manufacturing businesses can take several steps to mitigate their cyber security and data privacy risks. These include:
- Conducting regular risk assessments to identify and prioritise vulnerabilities;
- Implementing appropriate security controls, such as firewalls, intrusion detection systems and multi-factor authentication;
- Educating employees about cyber security best practices;
- Implementing a data privacy framework;
- Having a contingency plan for responding to cyber attacks; and
- Become Cyber Essentials-certified.
If you would like to know how Moore ClearComm can help you with your cyber security, please contact us.