Hackers Fall in Love With Asia’s Factories (Again!)
- By CDOTrends editors
- April 02, 2024
Manufacturers in the Asia Pacific region are in the cybercriminal crosshairs—for the second year. In this latest scorched-earth campaign, IBM tracked 46% of all cyberattacks that struck manufacturers. These hackers are ruthless, with malware blasting into nearly half of those attacks, followed by phishing and assaults on public-facing apps. And get this: forget brute-force hacking. Hackers are all about the finesse, waltzing into networks with stolen logins.
The IBM 2024 X-Force Threat Intelligence Index says Asia Pacific was the third most-attacked region in 2023. In this digital Wild West, phishing attempts and vulnerable applications have become the top ways crooks sneak inside.
"'AI-engineered attacks' are receiving more attention due to the rise of generative AI in the current landscape, but the biggest security threat in the Asia Pacific remains known unpatched vulnerabilities," says Catherine Lian, IBM ASEAN general manager & technology leader. "Additional focus should also be placed on the region’s critical infrastructure and key industries such as manufacturing, finance and insurance, and transportation, with stress tests and well-prepared incident response plans in place."
The user account = hacker entry
Here's the globally disturbing bit: Hackers are obsessed with hijacking valid user accounts, making them a more significant threat than brute-force hacking. The IBM report states that infostealing malware (the creepy kind that nabs logins and personal data) has skyrocketed 266%!
This “easy entry” for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, major incidents caused by attackers using valid accounts were associated with nearly 200% more complex response measures by security teams than the average incident—with defenders needing to distinguish between legitimate and malicious user activity on the network. IBM’s 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months to detect and recover from—the longest response lifecycle of any infection vector.
Factories, banks and trains: Sitting ducks?
Let's talk about the motive: disrupting critical infrastructure gets cybercriminals paid. Almost 70% of the attacks IBM's response teams tackled were aimed at vital services like power grids and water systems. Phishing emails, insecure apps, and those pesky stolen logins were the preferred methods.
GenAI is getting cybercrooks seriously excited. It's still early days, but the IBM report makes this unsettling prediction: As soon as one AI tech dominates the market, hackers will swarm, using that AI to power their nastiest schemes.
Grim takeaway? Patch, pentest and lock down logins
Here's the reality check from IBM's report:
- Eternal vigilance is the price of security: Software updates aren't optional.
- Break your system (before crooks do): Security firms can stress-test your network and expose weaknesses.
- The login is the new vulnerability: Treat user accounts like they're made of gold. Enable multi-factor authentication (MFA), the whole nine yards.
Hackers are evolving, and Asia's manufacturers seem to be in for a rough ride. But staying ahead of these attacks is possible with a proactive, 'assume you'll be breached' mindset and serious investment in cybersecurity.