Ransomware dig deep in manufacturing firms’ pockets

The manufacturing sector had the highest average ransom payment across all sectors—$2,036,189 versus $812,360, respectively — according to Sophos.

The company’s State of Ransomware 2022 survey polled 5,600 IT professionals in mid-sized organisations across 31 countries, including 419 respondents from the manufacturing and production sector.

Findings show that 66% of manufacturing and production firms surveyed reported an increase in the complexity of cyber attacks, and 61% reported an increase in the volume of cyber attacks when compared to the previous year’s survey. 

The increase in complexity and volume is also 7% and 4% higher than the cross-sector average, respectively.

John Shier, senior security advisor at Sophos, said manufacturing is an attractive sector to target for cybercriminals due to the privileged position it occupies in the supply chain. 

“Outdated infrastructure and lack of visibility into the OT environment provides attackers with an easy way in and a launching pad for attacks inside a breached network,” said Shier. “The convergence of IT and OT is increasing the attack surface and exacerbating an already complex threat environment.”

He added that while having reliable backups is an important part of recovery, today’s ransomware threat requires a detailed response plan that includes human-led threat hunting capabilities. 

Complex attacks require comprehensive protection, which, for many organisations, will include the addition of managed detection and response (MDR) teams who are trained to look for and neutralise active attackers.

While manufacturing and production had the highest average ransom payment, the percentage of organisations that actually paid the ransom was among the lowest across sectors (33% versus 46% for the cross-sector average).

Additional findings show that the manufacturing and production sector had the lowest attack rate, tied with financial services, with only 55% of organisations surveyed targeted by ransomware.

However, the percentage of manufacturing and production organisations hit by ransomware increased by 52% over the previous year’s report — up from 36% in the 2021 survey report.

The sector also had the lowest encryption rate at 57% versus 65% for the cross-sector average.

Only 75% of those surveyed reported having cyber insurance, the lowest percentage across all sectors.