The manufacturing sector paid the highest ransom of any industry

  • Manufacturing had the highest average ransom payment of all sectors, coming in at US$2,036,189 compared to the cross-sector average of US$812,360.
  • 61% of manufacturing and production businesses reported an increase in cyberattacks.

Although no sector is immune to ransomware attacks, the manufacturing industry has been hit particularly hard. Ransomware is a kind of malware that locks data: bad actors encrypt your data using complex attack techniques and offer the decryption key in exchange for a ransom payment.

One reason that ransomware attacks have grown particularly prevalent in the manufacturing industry is that hackers are more likely to profit there than in other industries. Access to manufacturing systems and data gives attackers significant leverage to force a corporation to pay a ransom, and the downtime caused by such an attack can cause extensive damage.

Manufacturing also houses highly valuable data, and modern hackers can use malware for data extraction. If hackers obtain sensitive information, such as intellectual property, they can sell the information to other companies or demand payment from the producer.

The State of Ransomware in Manufacturing and Production, a new sectoral survey report from Sophos, a global leader in innovation and cybersecurity as a service, revealed that the industry had the highest average ransom payment of all sectors, coming in at US$2,036,189 compared to the cross-sector average of US$812,360.

Why is the manufacturing industry the most desirable sector to attack?

Additionally, compared to the previous year’s survey, 61% of manufacturing and production businesses reported an increase in cyberattacks, and 66% reported that the attacks had become more complex. Compared to the cross-sector average, the rise in complexity and volume is 7% and 4% higher, respectively.

According to John Shier, senior security advisor at Sophos, manufacturing is a desirable industry for hackers to attack because of its privileged position in the supply chain. Outdated technology and a lack of visibility into the operational technology (OT) environment give attackers an easy way in and a launching pad for attacks inside a penetrated network.

“The convergence of IT and OT is increasing the attack surface and exacerbating an already complex threat environment,” said Shier. “While having reliable backups is an important part of recovery, today’s ransomware threat requires a detailed response plan that includes human-led threat-hunting capabilities. Complex attacks require comprehensive protection, which, for many organizations, will include the addition of managed detection and response (MDR) teams who are trained to look for and neutralize active attackers.”

Although the average ransom payment was highest in the manufacturing and production sector, the percentage of firms that actually paid the ransom was among the lowest overall (33% versus 46% for the cross-sector average). The percentage of manufacturing and production companies affected by ransomware grew by 52% compared with the previous year’s report (up from 36% in the 2021 survey report). However, along with financial services, the sector had the lowest attack rate: 55% of the firms surveyed had been targeted.

Based on the results of the survey, Sophos experts advise the following best practices for businesses in all industries:

  • Install and maintain high-quality defenses at every point in the environment. Make sure security measures are reviewed frequently and still meet the firm’s needs.
  • Harden the IT environment by identifying and fixing critical security flaws, such as unpatched hardware, unsecured computers, and open RDP ports. The best options for this are Extended Detection and Response (XDR)

Manufacturing and production firms continue to face a growing ransomware threat. Over the past year, the percentage of businesses affected by ransomware has significantly increased, with cybercriminals successfully encrypting data in more than half of the attacks.

It is becoming more difficult for production and manufacturing companies to get insurance. Due to this, almost all manufacturing and production companies have changed their cyber defenses to strengthen their case for cyber insurance. Reassuringly, the sector is a leader in adopting new technology and services, and expanding staff training, despite reporting the lowest ratio of insurance coverage against ransomware among all industries.