Manufacturing (NAICS 31–33)

Please provide the information below to view the online Verizon Data Breach Investigations Report.

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

Download this document

Thank you.

You may now close this message and continue to your article.

Frequency

 

2,305 incidents, 849 with confirmed data disclosure

Top patterns

 

System Intrusion, Social Engineering and Miscellaneous Errors represent 83% of breaches

Threat actors

 

External (73%), Internal (27%) (breaches)

Actor motives

 

Financial (97%), Espionage (3%) (breaches)

Data compromised

 

Personal (58%), Other (40%), Credentials (28%), Internal (25%) (breaches)

What is the same?

 

Two of the top patterns from last year are still in place. Financial motivation continues to be the driver behind most attacks.


Summary

Manufacturing has seen an increase in Error-related breaches. The installation of malware after hacking via the Use of stolen credentials is somewhat commonplace.

This year’s model

This year’s Manufacturing model comes with a new and improved feature: Errors! As in most other industries, Misdelivery is the error du jour, accounting for almost half (48%) of error-related breaches. As we have mentioned elsewhere, this is in part the result of contributor bias, but nevertheless, sending things to the incorrect recipient does appear to be somewhat widespread regardless of vertical. Loss and Misconfiguration round out the top three error varieties, and they account for approximately 20% and 18% of breaches, respectively.

System Intrusion continues to hold on to the top spot in Manufacturing. This is probably related to the still very effective combination of hacking via Use of stolen credentials (present in 25% of manufacturing breaches) to gain access to the environment and then the liberal application of Ransomware (involved in 35% of breaches in this vertical). It’s hard to keep the gadgets rolling off the assembly line when your data is locked up tight and someone else holds the keys.

Data Breach Investigation Report figure 66

It’s your asset on the (manufacturing) line.

Social Engineering remains steady with regard to breaches in this vertical due to action varieties such as Phishing (55%) and Pretexting (42%). Apparently, consumer feedback branded the Basic Web Application Attacks pattern as so 2022, and it now languishes near the bottom of the pattern rankings with the likes of Privilege Misuse. In fact, the asset of Server–Web app has been on a slightly downward trajectory. Figure 67 illustrates this decline and also shows the corresponding rise of Server–Mail. This makes sense when, as mentioned above, one considers that Phishing remains prevalent in the Manufacturing vertical. Of course, the credentials typically obtained via phishing are those that afford the criminal a foothold into the organization via the email account of the victim.

Data Breach Investigation Report figure 67
Data Breach Investigation Report figure 68

Let’s
connect

Call Sales
877-297-7816

Have us contact you
Request a call

Call for Public Sector
844-825-8389