A new report by cybersecurity company Sophos reveals that ransomware attacks have become more successful in encrypting data in the manufacturing and production sector.
According to the report, “The State of Ransomware in Manufacturing and Production 2023,” 68% of the ransomware attacks against this sector resulted in data encryption in the past year. This is the highest rate of encryption for the sector in three years and matches the trend across other sectors.
The report also found that the manufacturing sector has increased its use of backups to recover data, with 73% of the organizations surveyed using backups this year compared to 58% last year. However, this did not translate into faster or cheaper recovery, as the sector still has one of the lowest data recovery rates and longer recovery times.
John Shier, field CTO at Sophos, said that using backups is a positive step, but it is not enough to prevent ransom payments or revenue losses.
“Using backups as a primary recovery mechanism is encouraging, since the use of backups promotes a faster recovery. While ransom payments cannot always be avoided, we know from our survey response data that paying a ransom doubles the costs of recovery,” Shier said. “With 77% of manufacturing organizations reporting lost revenue after a ransomware attack, this added cost burden should be avoided, and priority placed on earlier detection and response.”
The report also highlighted the impact of ransomware attacks on IT teams, with 69% of them saying that security incidents are taking too much time and 66% saying that they are unable to work on other projects.
Sophos offers a glimpse into a major ransomware attack against a manufacturing company in its new documentary series, “Think You Know Ransomware?” In episode 2, Sophos interviews the chief information security officer of Norsk Hydro, an aluminum production company that was hit by a ransomware attack in 2019.
Sophos advises organizations in manufacturing and other sectors to strengthen their defenses with security tools that can prevent or disrupt common attack vectors, such as endpoint protection with anti-exploit capabilities and Zero Trust Network Access. Sophos also recommends using adaptive technologies that can respond automatically to attacks and having 24/7 threat detection and response services.
Additionally, Sophos suggests optimizing attack preparation by making regular backups, practicing data recovery from backups, and maintaining an updated incident response plan.
Finally, Sophos urges organizations to maintain good security hygiene by patching vulnerabilities and reviewing security tool configurations.
To download the full report on “The State of Ransomware in Manufacturing and Production,” visit Sophos.com.
The report is based on a survey of 3,000 IT/cybersecurity leaders in organizations with between 100 and 5,000 employees, including 363 organizations in manufacturing and production, across 14 countries in the Americas, EMEA and Asia Pacific.
Image: Nick Morrison of Unsplash