Connect with us

Hi, what are you looking for?

White Papers

Manufacturing, production industry fighting with an 41% increase of ransomware attacks over 4 years

With an increase of 9% the industry is one of only three sectors with an increasing attack rate beside healthcare (+7%) and financial services (+1%). All other industries saw a decrease in attacks.

The manufacturing and production industry is claiming a sad record in this year’s Sophos State of Ransomware report from with the highest growth regarding the percentage of organizations that have been hit with ransomware in 2023. With an increase of 9% the industry is one of only three sectors with an increasing attack rate beside healthcare (+7%) and financial services (+1%). All other industries saw a decrease in attacks.

65% of manufacturing and production organizations reported they were hit by ransomware last year. This is a notable increase from the previous two years (56% in 2023 and 55% in 2022) and represents a 41% increase since 2020.

93% of manufacturing organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. Of them, 53% of backup compromise attempts were successful. Additionally, three out of four ransomware attacks on manufacturing organizations (74%) resulted in data encryption, the highest encryption rate for the sector in the last five years. This rate is also higher than the 2024 cross-sector average of 70%.

In 2024, manufacturing organizations reported a mean cost of $1.67M to recover from a ransomware attack, an increase from the $1.08M reported in 2023. On average, 44% of computers in manufacturing and production are impacted by a ransomware attack. Having your full environment encrypted is extremely rare, with only 4% of organizations reporting that 91% or more of their devices were impacted.

Advertisement. Scroll to continue reading.

Six in ten victims now pay the ransom

While 58% in manufacturing restored encrypted data using backups, 62% paid the ransom to get data back. The percentage of manufacturing organizations that paid the ransom has almost doubled from our 2023 study when the sector reported one of the lowest ransom payment rates (34%) across all sectors.

A notable change over the last year is the increase in the propensity for victims to use multiple approaches to recover encrypted data (e.g., paying the ransom and using backups). This time around, almost half of manufacturing organizations (45%) that had data encrypted reported using more than one method, more than double the rate reported in 2023 (19%).

157 manufacturing respondents whose organizations paid the ransom shared the actual sum paid, revealing that the average (median) payment has increased by 167% over the last year, from $450,000 to $1.2M.

While the ransom payment has increased, only 27% of manufacturing victims said that their payment matched the original request. 65% paid less than the original demand, while only 8% paid more.

Advertisement. Scroll to continue reading.

“The increase in both number of victims and their inability to detect and respond quickly enough to prevent encryption is very concerning. Criminals are very aware of their success rates amongst different sectors and I wouldn’t be surprised to see them targeting manufacturers alongside healthcare and schools. With more than 60% of manufacturing victims choosing to pay a ransom and the median ransom paid of $1.2 million USD they are attractive targets.

It is essential organizations in this sector focus on their time to detect and time to respond metrics.  While the percentage who have a ransomware incident is indicative of our prevention and proactive defense capabilities, the amount who have an incident, but their data is not encrypted is a sign of increased monitoring and effective threat hunting. It takes all three approaches to defend against hands on keyboard attacks. “

Download the full report for more insights into ransom payments and many other areas.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The Open Enterprise Linux Association (OpenELA) has published enterprise Linux sources compatible with Red Hat Enterprise Linux (RHEL) 9.5.

HEADLINES

The FarmTech training kit is composed of 10 smartphones, a tablet, a SmartBro pocket Wi-Fi with Smart prepaid load cards, an outdoor projector and...

HEADLINES

PLDT and Smart's Technolab serves as a facility for the exploration and testing of new and upcoming network technologies and solutions, such as 6G,...

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

The event emphasized the pivotal role of PLDT Enterprise’s Managed SD-WAN and Managed Network Service for businesses striving for operational excellence and digital transformation.

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Starting from November 1 until December 31, 2024, customers across the Philippines can take advantage of exclusive deals and freebies when purchasing select Lenovo...

Advertisement