Sign up for our newsletter
Technology / Cybersecurity

Manufacturing industry anticipating ransomware attacks

Almost half of IT decision-makers globally say they did not fall victim to ransomware attacks last year but expect to be hit in the years ahead.

While some ransomware attacks have made headlines globally, such incidents can affect any organisation of any size, across any industry. So what stands out about the manufacturing and production industry?

The answer is that while it experienced an average level of ransomware attacks last year, it is the sector that has the highest expectation of experiencing an attack in the future.

Almost half (49%) of IT decision-makers globally say they were not hit last year but expect to be hit in the years ahead. This high level of anticipation is driven by awareness of the growing sophistication and prevalence of ransomware: 60% reported that attacks are getting increasingly hard to stop due to their sophistication and 46% stated that ransomware is so prevalent it is inevitable they will get hit.

The findings come from the Sophos report, The State of Ransomware in Manufacturing and Production 2021.

The report shares new insights into the current state of ransomware in the manufacturing and production sector. It provides a deep dive into the prevalence of ransomware in manufacturing and production, the impact of those attacks on victims, the cost of ransomware remediation, as well as how the sector stacks up in terms of its future expectations and readiness against these attacks.

It found that the average bill for rectifying a ransomware attack in the manufacturing and production sector, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, and more, is $1.52 million

The good news, however, is that the sector is by far the most resilient in the face of ransomware. Manufacturing and production was least likely to pay the ransom of all sectors surveyed, with only one in five (19%) organizations whose data was encrypted paying the ransom to get their data back. This is likely thanks to the sector’s ability to restore data from backups: two thirds (68%) of ransomware victims used backups to restore encrypted data, the highest rate of all sectors.

It also appears that manufacturing and production are reaping the benefits of having short- and long term retention of data as required by many government regulations like the GDPR and SOCs, and mandates from the SEC, FDA, and EPA. Given that manufacturing and production organisations that paid the ransom got back just 55% of their data on average, the sector is wise to focus on backups as their primary recovery method.

Elsewhere through, manufacturing and production is facing a small but growing new trend: extortion-style attacks where the cybercriminals don’t encrypt files but threaten to leak the stolen information online if a ransom demand isn’t paid, with almost one in ten (9%) organizations experiencing an extortion-only attack.

Sophos dives into the different types of ransomware attack, and the cyber challenges that manufacturing and production face today. Moreover, it has issued its recommendations for best practice within the report, to help associations mitigate against suck attacks.

Download the report here.