.
Sophos, a global leader in innovating and delivering cybersecurity solutions as a service, has published a new report on ransomware in the manufacturing sector, “The State of Ransomware in Manufacturing and Production
The main conclusion is that this sector pays, on average, the highest ransomware ransoms (€2,036,189)compared to the average across all sectors (€812,360).
In addition, compared to last year, 66% of organizations surveyed reported a increase in the complexity of cyber attacksand 61% a increase in the volume of cyber attacks – also above the global average by 7% and 4%, respectively.
“Manufacturing is an attractive sector for cybercriminals because of its privileged position in the supply chain. Outdated infrastructure and lack of visibility into the OT environment provide an easy entry point for attackers, as well as a platform from which to launch their attacks on an already breached network. The convergence of IT and OT is increasing the attack surface and aggravating an already complex threat environment
While having reliable backups is an important part of recovery, today’s ransomware threats require a detailed response plan that includes threat hunting led by humans. Complex attacks require comprehensive protection, and for many organizations this will include the addition of Managed Detection and Response (MDR) teams trained to search for and neutralize active attackers.”
John Shier, Senior Security Advisor at Sophos
While the manufacturing sector pays the highest amounts to recover from a ransomware attack, the percentage of organizations that actually paid the ransom is among the lowest in the various sectors (33%, against the global average of 46%).
Other findings from this study include:
- The manufacturing sector recorded the lowest attack rate, along with financial services, with only 55% of their organizations being targeted by ransomware;
- However, the percentage of industry organizations hit by ransomware increased by 52% compared to 2021;
- The sector also recorded the lowest encryption rate (57%, against the global average of 65%);
- Only 75% of respondents declared having taken out cyberinsurance – the lowest percentage in all sectors.
In light of these results, Sophos experts recommend the following best practices for all organizations, in all industries:
- Install and maintain high-quality defenses at every point in an organization’s environment. Regularly review security controls and ensure they continue to meet requirements.
- Proactively look for threats to identify and stop adversaries before they can execute their attacks – if the team does not have the time or skills to do this in-house, then consider subcontracting experts in Managed Detection and Response (Managed Detection and Response – MDR).
- Strengthen the IT environment, looking for and closing the main security gaps: devices without patches, unprotected machines and open RDP ports. The solutions of Enhanced Detection and Response (Extended Detection and Response – XDR) are ideal for this purpose.
- Be prepared for the worst and have an up-to-date action plan in the event of a major incident.
- To do backups and practice your restoration to ensure minimal disruption and the shortest possible recovery time.
To learn more about “The State of Ransomware in Manufacturing and Production”, download the full report at Sophos.com
For this study, 5,600 IT professionals in 31 countries were surveyed, including 419 from the industry and production sector.
Other interesting articles:
.
