Manufacturers Top Target for Ransomware Attacks

manufacturing plant

Ransomware is a type of malware that encrypts the victim’s files, and the attacker demands a ransom to restore access. Sometimes the victim’s files are lost forever if the ransom isn’t paid and sometimes even when it is. Since ransomware can spread quickly through networks, it can cause massive damage in a short amount of time. 

A recent study involving 5,000 companies worldwide found that ransomware attacks have affected US companies the most (46%), but next in line is Canada, followed by the UK, France and Germany.  Another finding of this study is that manufacturers are a top target for ransomware with the average ransom payment being over $2 million. 

Why Manufacturers Are a Target?

According to a study on the risk of ransomware attacks across 18 different industries, manufacturing is the most susceptible (10.2% of all assaults). Industries, including construction (9.6%), transportation (8.3%), healthcare (7.8%), and technology/information systems (7.8%), follow closely behind.

You might be wondering why ransomware attackers are so keen on targeting manufacturers. There are two key factors:

  1. The impact on supply chains – If a manufacturing plant is closed down for a significant period, this will become extremely expensive and may also affect other businesses in the supply chain as well as consumers. As a result, desperation to get operations back to normal leads to a tendency to pay ransom demands;  even large ones.
  2. It is not uncommon for manufacturing facilities to function on outdated computer systems and industrial operational technology (OT). Security patches become difficult to apply if they are even available at all.  This, combined with a lack of ability to monitor the OT network, makes it easy for cyber criminals to access systems and launch attacks from within. 

How Can You Protect Your Manufacturing Facility from Being Targeted?

Here are a few tips to protect your company from being targeted:

  • Make sure your systems are up-to-date and adequately patched.
  • Use strong passwords and two-factor authentication.
  • Educate your employees about ransomware and how to spot phishing emails.
  • Back up your data regularly and store the backups off-site.
  • Invest in security solutions that can detect and block ransomware attacks.
  • Consult with cybersecurity experts who can assess your systems to identify security gaps.

What Should You Do If Your Facility Is Targeted?

Paying a ransom is discouraged by law enforcement, and there’s no guarantee that you will get your data back if you do pay up.  In fact, a recent study found that in the manufacturing and production sector, despite paying a ransom, only 59% of data was recovered on average.  That’s even lower than the overall average of 61% of data recovered.  

So what should you do?  Engage with a team of cybersecurity experts as soon as possible.  They can help you discover how the breach occurred, how widespread it is and quickly put measures in place to stop a further breach of your systems. They can also assist with getting your systems back to normal.  You may need to contact your insurance provider, legal counsel and possibly a government body to advise if personally identifiable information has been exposed. As a follow-up to a cybersecurity breach, strategies need to be developed to prevent future incidents. 

 At BSC Solutions Group, we know that a dependable, secure IT infrastructure is essential to your organization’s success. Our team has the experience and tools to help protect you from ransomware and other cyber attacks. Contact us today to find out how we can help you work, with peace of mind.