A new report from cybersecurity company Coro reveals cyber attacks this holiday season are targeting manufacturers and other organizations. The report offers data on the cyber preparedness of midsize companies across six industries, including manufacturing.
Key insights include:
- Across industries, the number of cyberattacks is increasing, and in the manufacturing industry, attacks have already risen by almost 130% between January 2020 and November 2021.
- Attacks trend significantly upward during the holiday season: In the manufacturing industry, the anticipated average number of attacks during the final four months of 2021 has spiked 24% over the Jan 2021 – Aug 2021 monthly averages.
Attacks on manufacturing companies for December 2021 are projected to be more than 34% over January 2021 numbers, showing an alarming trend not only for the holiday season but going into 2022.
This vulnerability is not with manufacturers alone. Cyber-attacks on corporations increase during the holidays. Last year, cybersecurity company, PacketLabs, found a considerable spike in cyberattacks during the holidays. Time off at companies creates a perfect period for cyber attacks. If a hacker had a choice between attacking your organization when your IT security team is fully staffed or when it isn’t, it’s clear what they’ll choose.
Government Offers Warnings to Organizations
The federal government is giving private and public companies guidance on how to avoid cyber attacks during the holidays. The Cybersecurity and Infrastructure Security Agence (CISA) and the FBI strongly urge all entities – especially critical infrastructure partners – to examine their current cybersecurity posture and implement best practices and mitigations to manage the risk posed by cyber threats.
This warning from CISA and the FBI specifically mentions that some IT workers may be under the influence from holiday parties when the cybersecurity Grinch hits:
CISA and the FBI urge users and organizations to take the following actions to protect themselves from becoming the next victim:
- Identify IT security employees who would be available on weekends and holidays in the event of an incident or ransomware attack.
- Implement multi-factor authentication for remote access and administrative accounts.
- Mandate strong passwords and ensure they are not reused across multiple accounts.
- If you use remote desktop protocol or any other potentially risky service, ensure it is secure and monitored.
- Remind employees not to click on suspicious links, and conduct exercises to raise awareness.
Additionally, CISA and the FBI recommend maintaining vigilance against the multiple techniques cybercriminals use to gain access to networks, including:
- Phishing scams, such as unsolicited emails posing as charitable organizations.
- Fraudulent sites spoofing reputable businesses—it is possible malicious actors will target sites often visited by users doing their holiday shopping online.
- Unencrypted financial transactions.