New KnowBe4 Study Show Alarming Cyber Threat Trends in Manufacturing Industry
The Latest Report by Knowbe4 Highlights Increasing Vulnerabilities and the Critical Need for Enhanced Security Awareness
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has released its “Manufacturing: Maintaining Stability as Cyber Threats Explode in Volume and Sophistication” report. The report examines the state of cybersecurity in the manufacturing industry, tactics being deployed by cybercriminals, and what organisations can do to safeguard against them.
The manufacturing industry is reportedly the most affected by cyberattacks, accounting for over 25% of all incidents, across the top 10 industries, of which 45% are malware attacks. The industry has become increasingly attractive to cybercriminals in recent years due to its interconnected nature—relying heavily on various elements, from raw materials to transportation and its vulnerability—having a low tolerance for downtime, and valuable intellectual property stored in its databases, which could save competitors millions if obtained.
Relevant KnowBe4 Findings
Some interesting highlights from the KnowBe4 report include:
- Phishing is cited as the top initial infection vector, followed by exploitation of public-facing applications.
- Asia-Pacific emerged as the prime target for cyberattacks in 2023, accounting for over half (54%) of all reported incidents.
- Europe followed as the second most targeted region, with 26% of cyberattacks, while North America and Latin America experienced 12% and 5%, respectively.
- An alarming 56% increase in ransomware attacks involving extortion was observed in the industry, highlighting a growing trend in cybercriminal tactics.
- Manufacturing experienced a 266% rise in information stealing malware being injected into systems, designed to steal logins and other credentials for email, social media and messaging accounts, banking details, etc.
- The manufacturing industry faced a dramatic 88% surge in average ransom payments, reaching nearly USD $2.4 million in the last year.
- According to KnowBe4’s 2024 Phishing by Industry Benchmarking Report,small manufacturing organisations fared well against the baseline of 34%. With no security training, the Phish-proneTM Percentage of these organisations with less than 250 employees was 27.9%, well below average. In companies with more than 1,000 employees, the opposite was true; with no security training, 37.5% of employees tested clicked on a bad link in a phishing email. This means that cybercriminals have a chance of successfully phishing almost 4 out of 10 employees in the manufacturing industry.
“Manufacturing’s growing reliance on IT and OT systems, coupled with the increasing globalisation of supply chains, has both increased the industry’s vulnerability and its attractiveness to threat actors,” says Sjouwerman, CEO at KnowBe4. “As we navigate these challenges, it is becoming clear that increasing awareness and providing robust training to recognise and prevent phishing and social engineering attempts is no longer just best practice—it is critical. These efforts are essential not only for individual organisations, but for maintaining stability across the global manufacturing industry and ensuring the uninterrupted flow of goods to consumers and businesses worldwide.”
The report features examples of recent attacks across North America, Europe, Asia and Oceania. The “Manufacturing: Maintaining Stability as Cyber Threats Explode in Volume and Sophistication” report serves as a wake-up call for the industry. As cyber threats continue to evolve, so must our defenses.
To download a copy of KnowBe4’s Manufacturing Report, click here.