Data Rich and Resource Poor: The Most Exploited Industry

If a hacker wanted to locate ALL the following information from a single source, where would they attack?

  • Personal information: Names, addresses, photo ID, birth certificates, passports, and social security numbers
  • Parental information: Personal information, payment information, bank account numbers, financial data (such as monthly/annual income), migrant status, and work addresses
  • Student records: Disciplinary information, grades, and test scores
  • Medical information: Student health histories, conditions, and disabilities
  • Third-party data: Usernames, passwords, and metadata

If you guessed “a school database” you would be correct. Schools, both publicly funded and private, collect and retain a significant amount of data. For years, social media has been the focus of concern and debate among parents and educators for good reason; students are spending more time on social media applications while inadvertently sharing personal information. Despite the many risks associated with social media accounts, the greatest threat to your child’s privacy (and by extension, your privacy) is likely their school.

Just how big is the threat?

According to Microsoft Security Intelligence, education is targeted globally 10 times as much as the next industry worldwide – 7.7 million malware encounters in the past 30 days alone as of March 2024.

In its November 2022 report, the Nationwide Cybersecurity Review (NCSR) gave K-12 schools a cyber maturity score of 3.55 out of 7 on their risk-based assessment. The NCSR found that 29 percent of K–12 participants in their report experienced a cyber incident in their district in the previous year. In its 2023 report, The State of Ransomware in Education 2023, Sophos found that 80% of lower education providers reported being hit by a ransomware attack which was a 56% increase from their 2022 survey. While there was a significant increase in the number of attacks, the number of attacks that were stopped before data was encrypted also increased because schools are beginning to take proper steps to protect themselves from cybercrime.

Schools have a long way to go in developing their security postures, but their ability to take proper steps is tied up in the many funding battles occurring in state and federal legislatures. In the meantime, school leaders across the country are doing everything they can to protect students and staff with the limited resources provided.

But who else is at risk?

The short answer is, “everyone.” But there are certain industries that appear to be attacked more often than others. In the United States specifically, the manufacturing industry has grown in popularity among cybercriminals in the last ten years (and this is one popularity contest you don’t want to win).

The Manufacturing Leadership Council reported that in 2021, manufacturing was targeted by ransomware hits twice as often as all other industrial subsectors combined in the United States. Why are criminals going after this industry? The National Association of Manufacturers reports that 13 million Americans are employed by more than 244,000 manufacturing companies. The industry drives $2.89 trillion of value added to the economy which equates to 10.3% of the US GDP as of 2023. Additionally, the industry continues to grow with an estimated 3.8 million new manufacturing positions expected by 2033. Clearly, the industry is thriving, and people are taking note. Unfortunately, individuals with nefarious intent are capitalizing on the prosperity and expansion of the industry.

Manufacturing companies face a range of cybersecurity threats that can impact their operations, intellectual property, and supply chains. Like all industries, manufacturing companies can fall victim to ransomware attacks, phishing scams, and insider threats, but there are a few cyberthreats that are unique to the industry. Some of the biggest cybersecurity threats to manufacturing companies include:

  • Internet of Things (IoT) and Industrial Control Systems (ICS) Vulnerabilities – Manufacturing environments increasingly rely on IoT devices and Industrial Control Systems (ICS) to manage and automate processes. These devices often have weak security measures, making them attractive targets for attackers.
  • Denial-of-Service (DoS) Attacks – DoS attacks can overwhelm a manufacturing company’s network or services, causing downtime and disrupting operations. These attacks can be launched by competitors, disgruntled insiders, or cybercriminals.
  • Legacy Systems and Outdated Software – Manufacturing companies often use legacy systems and outdated software that may no longer receive security updates, making them vulnerable to exploitation.
  • Remote Access Vulnerabilities – With the rise of remote work and remote monitoring of industrial systems, vulnerabilities in remote access solutions can be exploited by attackers to gain unauthorized access to manufacturing networks.
  • Industrial Espionage – Competitors or nation-state actors may target manufacturing companies to steal trade secrets, proprietary processes, and intellectual property. Such espionage can undermine competitive advantages and result in significant financial losses.

What about healthcare… finance and banking… government entities?

We will explore other industries in future posts but there are a few things every cyber-attack has in common, regardless of the associated industry. First, the cyber-attack almost always originates from an error made by an employee. Maybe the employee clicked a malicious email or visited a seemingly harmless website that immediately loaded malicious software. Maybe the employee’s password was too obvious, or they entered credentials into an unsecure site or through an unsecure network. The second element cyber-attacks have in common is that every attack, once discovered, is followed by a chorus of “HOW DID THIS HAPPEN?” Sadly, the third thing all cyber-attacks have in common is financial devastation and loss of reputation to the companies involved.

UP NEXT: How Did This Happen?

Sources:

https://www.microsoft.com/en-us/wdsi/threats

https://learn.cisecurity.org/k-12-report

https://www.cisa.gov/resources-tools/resources/report-partnering-safeguard-k-12-organizations-cybersecurity-threats

https://www.census.gov/en.html https://manufacturingleadershipcouncil.com/manufacturing-tops-industrial-ransomware-hit-list-in-2021-26932/?stream=all-news-insights