The manufacturing industry is increasingly becoming a prime target for ransomware attacks, as cybercriminals exploit vulnerabilities and encrypt valuable data. A recent report by cybersecurity firm Sophos, titled “State of Ransomware in Manufacturing and Production 2023,” sheds light on the alarming trend. Based on a survey of 3,000 IT and cybersecurity leaders from large and mid-sized enterprises, the report reveals that over two-thirds (68%) of manufacturing firms globally have fallen victim to ransomware attacks, resulting in the encryption of their data. This represents the highest encryption rate reported in the sector over the past three years, indicating the growing success of attackers in encrypting sensitive information.
While the percentage of manufacturing companies using backups to recover data has increased, with 73% of surveyed firms employing backups this year compared to 58% in the previous year, the sector still faces challenges in data recovery. The study highlights that manufacturing organizations have one of the lowest data recovery rates. For instance, in 2022, only 67% of companies managed to recover their data within a week, while 33% took more than a week to regain access to their encrypted data. It is important to note that relying solely on backups does not guarantee a faster recovery process.
John Shier, field CTO at Sophos, emphasizes the need for earlier detection and response to ransomware attacks, considering that 77% of manufacturing organizations reported lost revenue as a result of such incidents. The extended recovery periods imposed by ransomware attacks significantly impact IT teams, with 69% of respondents stating that addressing security incidents consumes too much time, hindering their ability to work on other projects.
Encryption, an integral part of ransomware attacks, is rendered less effective if the cryptographic keys used for encryption and decryption are not secure. Cybercriminals often target an organization’s encryption keys during their attacks. Yogesh Zope, Chief Information Officer and Chief Digital Officer at forging company Bharat Forge, highlights the importance of adopting new security approaches in the era of smart manufacturing. Zope recommends implementing robust security solutions like endpoint detection and response (EDR) systems to mitigate the risks associated with ransomware attacks.
O.A. Balasubramaniam, Director of IT at electric horn manufacturer Roots Group of Companies, suggests that manufacturing organizations should invest in comprehensive cybersecurity management programs. These programs should encompass various aspects such as threat intelligence, vulnerability assessments, and extend across both their IT and OT (Operational Technology) networks.
The study also reveals an increase in the proportion of manufacturing organizations paying higher ransoms compared to the previous year. In 2022, 40% of companies paid a ransom between $100,000 and $999,999, whereas only 29% paid such amounts in 2021.
While paying the ransom might seem like an easy way to recover lost data and mitigate the damage, Vishak Raman, Vice President for Sales in India, SAARC, and Southeast Asia, warns that it does not guarantee complete data restoration. Paying the ransom only perpetuates the attackers’ business model and contributes to the proliferation of ransomware attacks.
According to research firm Gartner, on average, only 65% of the data is successfully recovered from ransomware attacks, and a mere 8% of organizations manage to fully recover all their data. These statistics highlight the urgent need for manufacturing firms to enhance their cybersecurity measures, invest in proactive defense strategies, and prioritize early detection and response to mitigate the devastating impact of ransomware attacks.
