Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Manufacturing sector AI and cloud app adoption is giving hackers even more ways in

Digital clouds against a blue background.

With every passing day, the number of Artificial Intelligence (AI) and cloud apps used by enterprises in the manufacturing sector grows. While commendable, this move also resulted in new avenues that cybercriminals can explore.

This is according to a new report from Netskope Threat Labs, published earlier this week. It claims that cloud app usage has grown significantly, with organizations in the sector now interacting with 24 cloud apps each month, on average.

Of all the different apps, OneDrive seems to be the driving force (pun definitely intended), since its popularity grew from 43% to 58% year-on-year.

Higher risks

When it comes to AI, businesses are also inclined towards Microsoft products. This year, Microsoft Copilot is in the manufacturing top 10 apps. With recent updates to Windows 10, and the increasing adoption of Windows 11, which will grow even further next year when Windows 10 hits EOD, it’s safe to assume that Copilot’s share will only grow.

But with increasing adoption also lurk risks. Roughly a half of all global HTTP/HTTPS malware downloads originate from popular cloud apps, Netskope said, adding that the most popular apps around the world “are also among the top apps in terms of the number of malware downloads.” In fact, OneDrive is the top app being abused for malware delivery in manufacturing, with 22%, twice as much as the second- and third-placed Sharepoint and GitHub, who each have 10%.

Crooks are mostly deploying one of these five malware families: Downloader.Guloader; Infostealer.AgentTesla; Phishing.PhishingX; Trojan.Grandoreiro; and Trojan.RaspberryRobin. For Paolo Passeri, Cyber Intelligence Principal at Netskope, this is interesting, since hackers are mostly interested in flexibility:

“What really caught my eye in this report is the fact that threat actors are diversifying the kind of payload they are delivering to organizations in manufacturing,” he said. “Rather than focusing on specific categories of malware, they prefer to deliver flexible downloaders or remote access tools (GuLoader, AgentTesla, and RaspberryRobin), which can then distribute multiple kinds of payloads depending on the attackers' objectives. Businesses will need to implement strict policies that ensure the safe handling of sensitive data, and regularly monitor cloud traffic for malicious behavior.”

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.