So Where Are the Hacks?
Both reports make clear the continuing popularity of manufacturing as a primary target for threat actors. So why did we hear nothing about major attacks last year?
“While 2024 also brought several high-profile breaches in the manufacturing sector – such as the ransomware attack at CDK global – these events were overshadowed by the focus on massive breaches in other sectors, including across telecommunications and healthcare. Compared to 2023, when breaches like Clorox dominated headlines, manufacturing-targeted threats in 2024 remained persistent but received less attention,” Caridi says.
Charles Henderson, executive vice president of cyber security services at Coalfire (and former leader of the X-Force team at IBM), cites stealth as a possible reason why last year sounded quiet but probably, actually wasn’t.
“An important thing to note is that if a company doesn’t know they’ve been hacked, they won’t be reporting an incident. Most nation-states are sufficiently sophisticated that if they were lurking in critical infrastructure (e.g. Russia) or exfiltrating intellectual property (e.g. China), they may not be detected until years after the fact,” Henderson says.
“The other thing to remember is that just because an organization is compromised (i.e. suffers some kind of security incident,) that doesn’t mean there will be a complete takedown of their systems or even a ‘material’ impact. So, the general public might not hear about it, but it doesn’t mean those incidents aren’t occurring.
“There are also plenty of companies that don’t fall under the purview of the SEC’s rules, and some companies are getting better at improving their time to respond, which lessens the impact downstream,” Henderson concludes.