Too often, an organization’s employees are a critical cybersecurity vulnerability. According to the 2024 Verizon DBIR report, human error is responsible for 68 percent of security breaches, with phishing being a leading tactic. In the manufacturing sector, where operational continuity and supply chain integrity are paramount, these threats can have devastating consequences, including causing production downtime, disrupting critical operations, and exposing sensitive data.
As phishing and social engineering tactics become more sophisticated, manufacturing organizations must recognize that emails remain the primary threat vector. Attackers use psychological manipulation to exploit human vulnerabilities and bypass security measures. However, with the right tools, training, and leadership support, employees can transform from security risks into frontline defenders of IT systems, networks, and data stores.
Humans are Fallible
Attackers target humans because they can exploit psychological tendencies. They are experts in social engineering: the psychological manipulation of people to gain access to confidential information or systems. Tactics like reciprocity, authority, and liking help attackers disarm victims and lower their defenses.
For example, attackers may impersonate a senior executive and ask the target to send them sensitive information as soon as possible. Without thinking, the employee rushes to complete the task to please the boss without realizing they’re sending the information to a bad actor.
Phishing, one of the most common social engineering tactics, encompasses several different techniques. Attackers send fraudulent emails that appear to come from legitimate sources, tricking recipients into revealing sensitive information or clicking malicious links. Watering hole attacks use trusted websites that employees frequently visit to lure them into traps. Quid pro quo schemes involve attackers pretending to provide a benefit, such as IT support, to gain access to sensitive data or systems.
Phishing attacks have evolved into highly targeted and sophisticated operations, posing significant challenges for organizations across all industries, including manufacturing. Barracuda’s detection data shows that in 2024, more than 85 percent of phishing attacks targeting customers were intended to steal credentials. We expect this number to increase to 90 percent or more over the next year.
Our research also reveals the increasing use of advanced personalization techniques. Attackers now rely on data gathered from social media and communication histories to craft emotionally manipulative messages designed to extort victims or steal sensitive information. The emergence of Phishing-as-a-Service (PhaaS) kits enables attackers to automate and scale phishing campaigns while adding capabilities to steal multifactor authentication (MFA) codes. PhaaS-based credential phishing attacks currently account for around 30 percent of credential attacks detected, and that number will rise to more than half over the next year.
To counter these evolving threats, organizations need email security solutions that keep pace with attackers. Effective tools should constantly research and update threat signatures to detect and block sophisticated attacks. Adaptive email security solutions provide a critical layer of defense against rapidly changing phishing tactics.
In addition to leveraging personalization, attackers employ a variety of evasive tactics to bypass detection. Trusted URL protection services, including those from leading security vendors, have become a favored tool for masking malicious links in phishing emails. Attackers place the phishing content in malicious attachments such as PDFs or HTML files while keeping the email body nearly empty, so that machine learning-based detection systems have little text to analyze. They are also increasingly using AI to create realistic, human-like phishing messages that replicate legitimate communications.
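As an added illustration (not code from the original article or from Barracuda), the Python script below triages constructed sample messages on two of the signals described above: an executive's name appearing on an external sender address, and a near-empty body paired with an HTML or PDF attachment. The organization domain, executive list and word threshold are assumptions.

```python
"""Heuristic triage for two phishing patterns: executive impersonation and
attachment-based lures with a minimal body. Sample messages are constructed;
the domain, executive list and threshold are assumptions for illustration."""
from dataclasses import dataclass, field

INTERNAL_DOMAIN = "example.com"               # assumed organization domain
EXECUTIVES = {"Jane Doe"}                     # assumed display names worth protecting
LURE_EXTENSIONS = (".html", ".htm", ".pdf")   # attachment types named in the article
MIN_BODY_WORDS = 12                           # assumed cutoff for a "minimal" body


@dataclass
class Message:
    display_name: str
    from_addr: str
    body: str
    attachments: list = field(default_factory=list)


def sender_domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def triage(msg: Message) -> list:
    """Return the signals that fired; an empty list means nothing suspicious."""
    signals = []
    external = sender_domain(msg.from_addr) != INTERNAL_DOMAIN
    # Signal 1: a known executive's name on an address outside the organization.
    if msg.display_name.strip() in EXECUTIVES and external:
        signals.append("exec-impersonation")
    # Signal 2: almost no body text while a PDF/HTML attachment carries the lure.
    few_words = len(msg.body.split()) < MIN_BODY_WORDS
    lure = any(a.lower().endswith(LURE_EXTENSIONS) for a in msg.attachments)
    if few_words and lure and external:
        signals.append("attachment-lure")
    return signals


# Constructed sample messages (not real traffic).
SAMPLES = {
    "impersonation": Message("Jane Doe", "jane.doe@mail-example.net",
                             "Need the supplier bank details ASAP, I'm in a meeting."),
    "lure": Message("Payroll", "notice@external-sender.org",
                    "See attached.", ["Invoice.html"]),
    "benign": Message("Jane Doe", "jane.doe@example.com",
                      "Attaching the Q3 supplier review for tomorrow's meeting, "
                      "please read sections two and three before we talk.", ["review.pdf"]),
}


def run_samples() -> dict:
    """Map each sample name to the signals triage() raised for it."""
    return {name: triage(m) for name, m in SAMPLES.items()}
```

Signals like these are a first-pass filter for a security team's review queue, not a verdict; the benign sample shows why the internal-domain check matters.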
The Rising Threat of Ransomware
Phishing remains a primary vector for ransomware attacks, giving cybercriminals access to networks and control of critical systems. Over the last year, attackers have increasingly used extortionware, a variant of ransomware that bypasses encryption to demand payment for stolen data. A recent Gartner report stresses the importance of organizations adapting their defenses to combat this tactic: “(Security and Risk Management) leaders must prepare for ransomware attacks by improving their detection and prevention capabilities and evolving their post-incident playbooks.”
A comprehensive ransomware defense strategy addresses preparation, prevention, detection, response, and recovery. Organizations can reduce risks by strengthening access controls, implementing tools to detect suspicious activity early, and training staff on incident response. Post-attack, recovery and root cause analysis are essential for restoring operations and preventing future incidents.
Do not underestimate the importance of empowering all employees with actionable defense strategies. The traditional approach has long been to emphasize the importance of using strong, unique, complex passwords stored in a password manager. However, the National Institute of Standards and Technology (NIST) has released publications suggesting that complex passwords are not necessarily more secure.
Instead of relying on complex password rotation, organizations should emphasize the use of MFA, FIDO2-based authentication, and Zero Trust Network Access (ZTNA). These measures add extra layers of security, requiring additional verification methods to confirm user identity and limit MFA fatigue.
Teach employees to stay vigilant about updating software promptly as well as how to recognize and report phishing attempts. They should always verify senders, scrutinize suspicious links, and report any questionable messages to IT security teams.
Building organizational resilience is a collective effort. Regular phishing awareness training and simulated phishing campaigns help employees recognize and respond to evolving threats. AI-driven detection tools play a critical role in identifying and blocking sophisticated phishing techniques that evade traditional security measures.
Organizations should also implement clear incident response protocols and conduct periodic reviews to refine defenses and address any gaps. These measures create a robust framework to protect systems and data from potential breaches.
Strong defenses also require strong leadership. Business leaders must foster a security-conscious culture by prioritizing cybersecurity as a core organizational goal. Leadership should model proactive behaviors, enforce accountability, and ensure that cybersecurity initiatives align with broader business objectives. By doing so, organizations can turn cybersecurity into a shared responsibility and empower employees to act as the first line of defense against potential threats.
The need for action is urgent. Organizations must take deliberate steps to transform vulnerabilities into strengths by preparing their people, processes, and systems to counter the ever-growing volume of sophisticated cyber threats. Phishing and social engineering tactics grow more sophisticated every day, exploiting human vulnerabilities with precision and creativity. By delivering comprehensive education, deploying cutting-edge technological solutions, and fostering strong leadership, organizations will position their employees as the strongest line of defense.
Riaz Lakhani is Chief Information Security Officer at Barracuda Networks. In this role, he is responsible for setting the strategy, managing implementation, and driving all aspects of Barracuda’s information security program.