As an industry that prioritizes operational uptime, ransomware has the ability to halt operations in a hurry which makes manufacturing organizations a prime target for cyberattacks. A cyberattack that impacts operations would put pressure on a facility to react by paying the ransom in order to limit any equipment shutdowns. While many manufacturers deploy a physically distributed network, they’re also adopting cloud for speed, scale and connectivity like other industries which adds another layer on top of the attack surface.
In taking a look at the frequent detections Vectra manufacturing customers receive, two of the top three were related to Office 365 sharing activity. Any suspicious sharing activity should be scrutinized by security teams to make sure that the actions are being made by authorized users and not that of an attacker attempting to exfiltrate data or anything that would help criminals move further into an attack progression. Read more about the suspicious activity your organizations should have on your radar.
Powered by
