In Part 1, we introduced the importance of maintaining internal IT system security and the overall trends in cyberattacks. In this second part, we will focus on the impact of cyberattacks on companies—particularly in the manufacturing sector—and share real-world cases that have occurred in Thailand.

▶ A Must-Read for IT Professionals! IT Security Basics You’re Afraid to Ask【Part 1】 — The Importance of System Security Management and Cyberattack Trends —

The Increase in Cyberattacks Targeting Corporate Confidential Information

In the past, cyberattacks were often carried out by pranksters or individuals seeking mischief. In recent years, however, attacks have increasingly shifted toward business-oriented objectives aimed at financial gain. Cases of cyberattacks affecting public institutions and private companies are on the rise. One major reason companies are targeted is the monetary value hackers can obtain. In particular, B2B companies—especially in the manufacturing industry—possess large amounts of confidential information such as customer data and intellectual property. As a result, they are at higher risk of data theft accompanied by ransom demands.

▲ Cyberattack frequency by industry. Industries with many light-blue dots face a higher risk of attack.

Real Cyberattack Cases at Japanese-Affiliated Manufacturing Companies in Thailand

Case 1: Automotive Parts Manufacturer
Production line halted for one week due to a targeted phishing email

＜Overview＞
A purchasing staff member clicked a link in a virus-infected email disguised as a message from a logistics company while checking the transportation status of materials. As a result, the PC was infected with ransomware*, locking all files and preventing access or data retrieval. The damage spread to internal company data, rendering multiple systems related to factory production temporarily unusable and causing the production line to shut down for approximately one week.

※Ransomware: A type of malicious software that locks data and demands payment for its release.

Case 2: Plastic Parts Manufacturer
Email server vulnerability led to spoofed emails sent from the company’s own address

＜Overview＞
An employee was contacted by a customer who reported that an email had been received but automatically classified as a phishing email. Upon checking the sending history, it was confirmed that the employee had not sent the email. Further investigation revealed that hackers had taken control of the email server and sent spoofed emails impersonating the company. The primary cause was a vulnerability in the email server, which was resolved by updating the server software.

＜Preventive Measures＞
✓ Always keep all software updated to the latest versions
✓ Thoroughly raise internal awareness of the importance of IT system management
✓ Ensure that all software used internally is inspected by IT administrators before use

Awareness of the Importance of IT System Security Management Is Critical

“The major factor common to both cases is that the companies did not fully recognize the importance of cybersecurity measures. In recent years, as more organizations promote DX in their business operations, awareness of cybersecurity has increased. Many companies are also considering migrating their systems to the cloud, but many on-site teams are unsure how to begin. At our company, we provide careful support starting from the basics, so please feel free to consult with us.” (System Planning Engineer / Mr. Kaewmuang)

Soranan Kaewmuang
Junior Manager / Systems Planning & Engineering - 1
Joined Thai NS Solution in 2020
With over 15 years of experience in IT-related businesses, he is responsible as a solution architect for infrastructure and security. He is also involved in basic design for applications and cloud systems.

If you would like to consult about IT system security management or countermeasures against cyberattacks, please contact us via the inquiry form below.