SOFTWARE & SYSTEMS
CYBER ATTACKS
NTT SECURITY
UK MANUFACTURING DROPS TO SECOND PLACE
IN LEAGUE TABLE OF MOST ATTACKED INDUSTRY
SECTORS – 2019 GLOBAL THREAT INTELLIGENCE
REPORT REVEALS
UK Manufacturing and Technology sectors
continue to battle it out for first and second
place in the table of most targeted industry
sectors by cyber attackers, according
to the 2019 Global Threat Intelligence
Report (GTIR) from NTT Security, the is the
specialised security company and the center
of excellence in security for NTT Group.
While Manufacturing took top billing in the
2018 GTIR, with almost half (46 per cent) of
all cyber attacks in the UK, this year’s report
shows a significant fall to second place with
a fifth (20 per cent) of attacks. However,
the Tech sector, which attracted less than a
quarter (23 per cent) last year, jumps to top
spot with 47 per cent of attacks in the UK.
The annual GTIR is the result of NTT Security
summarising data from trillions of logs and
millions of attacks, and analysing threat
trends based on log, event, attack, incident
and vulnerability data from NTT Group
operating companies. In the latest report,
NTT Security analyses of attacks against 18
industry sectors.
David Gray, Senior Manager – Cyber
Security Consulting, NTT Security, says:
“While manufacturing may have dropped
down a position, the fact that it is still
attracting a fifth of all attacks against UK
organisations is a major concern. The
critical national infrastructure sectors
176
PECM Issue 40
tend to grab the headlines, such as the
attacks on the Ukrainian national grid in
2016, or the Wannacry attack on the NHS
in 2017. However, the recent attacks on
Norsk Hydro demonstrate the impact that
cyber attacks can have on other sectors,
such as manufacturing, and highlight the
importance of effective incident response.”
David Gray adds: “The lines between
traditional and digital manufacturing are
blurring, where high value manufacturing
and advanced technologies are key for
global competitiveness and there is greater
convergence of IT with Operational
Technology (OT), which brings with it
greater complexity and risk. The problem
is that OT has traditionally been something
of a ‘dark art’ for IT and security teams who
lack the knowledge and skills to effectively
map their OT risk landscape and implement
practical plans and processes.”
NTT Security advises manufacturing
organisations to focus on four key areas
when it comes to cybersecurity:
1. Get the basics right: without the right
fundamentals in place, attacks do not need
to be advanced to succeed. People are often
a manufacturer’s greatest threat, so invest in
staff awareness and training, and highlight
the importance of collective responsibility.
2. Take an intelligence-driven approach
to security. IT and security should avoid
working in silos and having a ’not in my
backyard’ mentality by developing robust
holistic processes and procedures.
3. Develop threat intelligence capabilities.
There is no such thing as an isolated
incident and there is a need to manage
the whole incident by developing threat
intelligence – pervasive visibility is
essential.
4. Manufacturers are still failing to
prepare. There is still an element of ‘head
in the sand’, where they do not think
it is going to happen to them. Having
effective incident response capabilities that
are tested regularly is key and enables
organisations to respond quickly in order to
mitigate the threat and identify the cause.
China tops source of attacks table
Once again China is the number one
source of attacks by country against UK
organisations (20 per cent) followed by the
US (16 per cent) and France (10 per cent).
Apart from Sweden, the UK is the only
country to see most attacks coming from
China. Across EMEA, China is second (13 per
cent) just behind the US (16 per cent) while
at a global level again the US is top attack
source on 22 per cent followed by China on
13 per cent.
www.nttsecurity.com