-
Frequency
2,337 incidents, 338 with confirmed data disclosure
Top patterns
System Intrusion, Basic Web Application Attacks, and Social Engineering represent 88% of breaches
Threat actors
External (88%), Internal (12%), Partner (1%) (breaches)
Actor motives
Financial (88%), Espionage (11%), Grudge (1%), Secondary (1%) (breaches)
Data compromised
Personal (58%), Credentials (40%), Other (36%), Internal (14%) (breaches)
Top IG1 protective controls
Security Awareness and Skills Training (CSC 14), Access Control Management (CSC 6), Secure Configuration of Enterprise Assets and Software (CSC 4)
What is the same?
System intrusion and Basic Web Application Attacks continue to be among the main patterns this industry faces.
Summary
Manufacturing continues to be a lucrative target for espionage, but is also increasingly being targeted by other criminals via the use of Denial of Service attacks, credential attacks and Ransomware.
Manufacturing
NAICS 31-33
- 2022 DBIR
- Master Guide
- Introduction
- Summary of Findings
- Results and Analysis Intro
- Results and Analysis - Intro to Patterns
- Results and Analysis - Not the Human Element
- Results and Analysis - Basic Web Application Attacks
- Industries
- Intro to Industries
- Accommodation and Food Services Data Breaches
- Arts and Entertainment Data Breaches
- Data Breaches in Education
- Financial Services Data Security Breaches
- Healthcare Data Breaches
- Information Industry Data Breaches
- Data Breaches in Manufacturing Industries
- Data Breaches in Energy & Utilities Industries
- Professional Services Data Breaches
- Public Administration Data Breaches
- Retail Data Breaches and Security
- Small Business Data Breach Statistics
- Intro to Regions
- Wrap Up
- Appendices
- Corrections
- Download the full report (PDF)
Please provide the information below to view the online Verizon Data Breach Investigations Report.
Thank You.
Thank you.
You will soon receive an email with a link to confirm your access, or follow the link below.
Thank you.
You may now close this message and continue to your article.
-
Patterns
5-Year difference
3-Year difference
Basic Web Application Attacks
Greater
Greater
Social Engineering
Less
Less
System Intrusion
Greater
Greater
-
Pattern
Difference with peers
System Intrusion
Greater
Basic Web Application Attacks
Greater
Social Engineering
Less
-
Manufacturing, with its hum of machinery churning out the key components that make our modern life possible, continues to be a valued target for espionage (mostly due to recent indiscriminate supply chain attacks covered in a previous section). However, it has also become a lucrative target for financially motivated criminals looking to make a quick dollar.
-
In previous reports, Manufacturing was largely targeted for their juicy schematics and secrets. For example, in 2016 over 55% of the incidents in this vertical involved Espionage (Figure 93), but that has been lower over the last few years. Or, conversely, the spies have upped their game to the point that they are no longer exposed.
DoSing against the machine
For an industry where availability equals productivity, it’s interesting to see the yo-yo pattern that has been taking place with DoS attacks over the years. While DoS attacks initially reached its former peak in the 2018 report (over 40% of incidents), it’s been increasing since 2019 and now accounts for approximately 70% of incidents, which puts it more in line with what we see in other industries. This rise of DoS, while unlikely to prevent those key assets from actually running the manufacturing process, is still worth keeping in mind as integration increases between the OT side of the house and the IT side.
With regard to the breaches impacting this sector, one can find the usual suspects, such as stolen credentials (39%), Ransomware (24%) and Phishing (11%) demonstrated in Figure dcc3e261. These types of breaches appear to be impacting everyone regardless of industry. Implementing safeguards, such as the ones listed in the At a Glance table, should be a priority for this vertical. Otherwise, you might find your organization unexpectedly seizing up due to a certain someone with an anime girl avatar.
Let's get started.
Choose your country to view contact details.
- Select Country...
- United States
- Argentina
- Australia
- Austria
- Belgium
- Brazil
- Canada
- Chile
- China
- Colombia
- Costa Rica
- Denmark
- Finland
- France
- Germany
- Hong Kong
- India
- Ireland
- Italy
- Japan
- Korea
- Luxembourg
- Mexico
- Netherlands
- New Zealand
- Norway
- Panama
- Portugal
- Singapore
- Spain
- Sweden
- Switzerland
- Taiwan
- United Kingdom
- United States
- Venezuela
-
Call for Sales.
Or we'll call you.
Existing customers, sign in to your business account or explore other support options.