Manufacture: The Sector Most Targeted by Cyberattacks in 2024

Mexico’s manufacturing industry was the sector most targeted by cybercriminals in 2024, accumulating 29.77% of attempted cyberattacks on companies, according to Kaspersky's Global Research and Analysis Team for Latin America.

"The attraction to manufacturing is due to its industrial technology systems and the connectivity of their supply chains, which make them an attractive target," says Maria Manjarrez, Security Researcher, Kaspersky,  to El Economista.These characteristics facilitate more agile operations, but also open up critical vulnerabilities, tells Majarrez to El  Economista. Unlike previous years, when Karspersky found that sectors such as finance or education were the main targets of cybercriminals, attackers are now concentrating on manufacturing as they can generate significant economic impacts without the need to use too many resources.

Kaspersky Discoveries

During 2024, Mexican companies recorded 42.4 million malware attack attempts, an average of 116,000 attempts per day, of which almost 30% were directed at manufacturing, the company reports. Other preferred targets include government institutions (20.89%), and agriculture (14%), and retail (6%).

Attacks to mobile devices also grew, with 835,122 threats detected, 70% more than in 2023. In addition, 158,000 cases of ransomware attacks and 85,000 attempted banking Trojan attacks were identified in the country.

Ransomware is consolidating as the top threat, mainly affecting companies with revenues of over US$5 billion. This type of attack, Kaspersky reports, generates a considerable financial impact, with ransoms averaging US$400,000. In 2024, at least 31 new "Ransomware as a Service" groups emerged, expanding their attack capabilities through affiliations with malicious actors.

Phishing remains a prevalent technique, with 81.8 billion attempted attacks reported. This type of attack has evolved through the use of generative AI to personalize hoaxes. Meanwhile, the financial sector faces additional challenges such as the theft of biometric data altered with AI and fraud in payment applications. These threats are amplified as new digital payment tools such as CoDi and Dimo are adopted.

Finally, security in technology supply chains presents significant risks. In 2024, breaches were identified in open source repositories, such as X2 Backdoor, which exposed critical business infrastructures.

Recommendations 

To address these threats, Eduardo Chavarro, Director of the Incident Response and Digital Forensics Group for Americas, Kaspersky, says in a press release that to ensure protection against financial cyber threats in 2025, both individuals and organizations will need to implement robust security measures.

"An effective strategy will combine threat intelligence, predictive analytics and constant monitoring, offering protection against advanced malicious actors," says Chavarro.

Jaime Berdichevsky, Director Mexico, Kaspersky, tells Infochannel that the company has shifted its focus to protecting people rather than devices, offering comprehensive solutions such as Endpoint Detection and Response (EDR).

The company also recommends conducting regular cybersecurity training programs for employees and alerting them to potential risks, arguing that untrained personnel remain one of the most frequent entry points for attackers, and could lead to significant financial losses for companies.