This activity is due to the rapid convergence of enterprise IT and OT networks.
As part of key findings in the new 2018 Spotlight Report on Manufacturing, Vectra revealed that once perimeter security was breached, attackers could easily spy, spread and steal, unhindered by insufficient internal access controls.
Other key findings in the Spotlight Report on Manufacturing from Vectra include:
§ A much higher volume of malicious internal behaviours, which is a strong indicator that attackers are already inside the network.
§ An unusually high volume of reconnaissance behaviours, which is a strong indicator that attackers are mapping out manufacturing networks in search of critical assets.
§ An abnormally high level of lateral movement, which is a strong indicator that the attack is proliferating inside the network.
The 2018 Spotlight Report is based on observations and data from the 2018 Black Hat Conference Edition of the Attacker Behavior Industry Report, which reveals attacker behaviours and trends in networks from over 250 opt-in enterprise organisations in manufacturing and eight other industries.
In the first six months of 2018, Vectra’s Cognito threat-detection and hunting platform monitored network traffic and collected metadata from more than 4 million devices and workloads from customer cloud, data centre and enterprise environments. The analysis of this metadata provides a better understanding of attacker behaviours and trends as well as business risks.