Hacking incidents reported by manufacturing businesses rose more than 62% in the first half of this year compared to the same period last year.
The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) released a cyberthreat landscape report on Monday covering the first six months of the year. According to the report, 130 cases of hacking incidents were reported by manufacturing companies, which was a 62.5% increase from the year before. The government agencies stated that cybercriminals concentrated their attacks on small industrial firms that had a relatively lower level of security on their infrastructure than large firms.
“IT companies mostly consider security from the initial stage of their establishment. However, this is not the case with manufacturing firms where security investment comes second,” said Lee Jae-kwang, the manager of the profound analysis team in the internet incident analysis division at KISA, to The Readable. “This could make them more vulnerable to cyberattacks.”
664 cases of cyberattacks were reported to government agencies in the first half of this year, eclipsing 2021’s annual total. According to the report, cybercriminals are focusing their efforts on conducting sophisticated ransomware attacks by encrypting backup servers so that victims cannot use the data for recovery. The percentage of backup files compromised by ransomware rose to 42.9% from the year before.
In addition, the government agencies warned of a series of cyberattacks which abused security flaws in online security software. 92 cases of security flaws linked to applications were reported to the South Korean government. Among them, 54% of vulnerabilities were discovered in security software.
The Ministry of Science and ICT is planning to issue a security guideline on software supply chain attacks later this year as a means to protect companies from cyberattacks. “The guideline will work as a manual in the workplace. We expect this will help in increasing the general understanding of supply chain security,” said an official of the cyber security industry division at the Ministry of Science and ICT.