A new survey of more than 1,600 IT and security professionals spanning more than 100 countries casts light on cyber attacks and their targets, with the manufacturing sector suffering the most attacks to their cloud infrastructure.

According to the survey conducted by cybersecurity provider Netwrix, 64 percent of manufacturers suffered a cyber attack during the prior 12 months, which is similar to the finding among organizations overall (68 percent).

More importantly, the manufacturing sector reported more cloud infrastructure attacks than any other industry surveyed.

“The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one of the world’s top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack,” says Dirk Schrader, VP of Security Research at Netwrix.

The manufacturing sector has been slow to adopt cloud services, the survey report noted, indicating a fear that doing so would disrupt operations along with a general concern over the security of intellectual property.

Credit Netwrix 2023 Hybrid Security Trends

Among manufacturers that detected an attack, 85 percent spotted phishing in the cloud compared to only 58 percent across all verticals; 43 percent faced user account compromise in the cloud as opposed to 27 percent among all industries; and 25 percent dealt with data theft by hackers in the cloud compared to 15 percent for organizations overall, the survey found.

“The attack surface in the cloud is always expanding, so it’s critical for manufacturing companies to adopt a defense-in-depth approach,” adds Ilia Sotnikov, security strategist at Netwrix. “First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated.”