In the first six months of the year, as most of the world shut down because of COVID-19 and workers everywhere shifted to working remotely, online criminals and state-backed hackers got busy breaking into computer networks, especially those of manufacturing, technology and telecom companies.
Indeed, hackers worked at a greater pace than they did all of last year, according to cybersecurity research firm CrowdStrike.
Companies in as many as 27 different industries fell victim to the hackers, nearly double the number of industries that were targeted in all of 2019, CrowdStrike said in a report made public Tuesday.
While technology, telecom and financial companies are routinely targeted, "the manufacturing industry has experienced a dramatic increase in interactive intrusion activity compared to past years," CrowdStrike said. Manufacturing companies saw an 11 percent increase in attacks and intrusions on their networks compared with all of 2019, the company said.
The attacks on manufacturing companies observed by CrowdStrike affected the business systems or front-office networks rather than computers involved in factory control systems, Jennifer Ayers, vice president at CrowdStrike, wrote in an email to CQ Roll Call.
The report is based on CrowdStrike's analysis of attacks on its clients' networks around the globe.
Both online criminals and state-sponsored hackers may have chosen to target industries already left vulnerable because of large-scale disruption in their global supply chain of materials, CrowdStrike said. Businesses experiencing trouble getting materials and supplies led attackers to believe that the companies may be "more inclined to pay a ransom to prevent further disruption," CrowdStrike said.
Criminal groups "are focused on monetary gain through ransom and extortion by theft of data, whereas state-sponsored attackers are focused on a different agenda which can range from espionage to [intellectual property] theft as examples," Ayers said.
For nation-state hackers, "international trade tensions, increased competition for essential goods, and efforts by some firms to decrease their reliance on offshore suppliers could all have contributed to increased foreign interest in the operations of firms in these sectors," CrowdStrike said in the report.
But in some cases the difference in tactics used by the two kinds of attackers is blurred, with criminal groups willing to play the long game in search of greater profits, the report said.