From being the 8th most attacked industry by ransomware in 2019, the manufacturing sector jumped to 2nd place in 2020. From then on, the industry has seen no respite – fighting a massive 23% of all ransomware attacks in 2022, knocking financial services and insurance from the top spot, according to a report in IBM Security’s annual X-Force Threat Intelligence Index.
In the manufacturing sector, every minute of downtime is costly. Threat actors seek to disrupt work in places where there is high pressure to pay a ransom, such as where the ripple effect of disruption continues downstream or operational stressors can quickly build up. Often, hackers distribute poisoned software updates to customers as well. When it is not just the manufacturing company, but hundreds of customers who have been meddled with, there is even more pressure to pay up. In fact, the global cost of ransomware attacks today is $20bn.
Ransomware is a type of malware that locks or encrypts data until a ransom has been paid. By using sophisticated attack methods, bad actors can encrypt your data and hold the key as a reward for paying the ransom. This leaves the organization helpless and operations grind to a stop until the astronomical ransom is paid. For most companies, the sudden drop in revenue can be devastating, and nearly 3 in 10 companies have had to lay off employees post the attack.
Where ransomware exists, phishing likely does too. The X-Force Report suggests that 2/3rds of attacks were engineered by gaining access to an unsuspecting user’s network. In other words, ransomware gangs gain initial access into a victim’s network and can either steal the victim’s data, leverage the details to conduct follow-up attacks such as breaches, or establish a foothold within the network and use the access to probe further. Additionally, they could sell the opening gained via phishing to another threat actor to conduct an attack of their own to compromise business processes.
Alarmingly, 47% of attacks on the manufacturing sector exploited unpatched vulnerabilities – a 33% rise from previous years. This suggests that prioritizing vulnerability management is a weakness of the industry at large. SecurityShield by SureShield has been designed for easy implementation and empowers security teams to track, manage and build a robust security posture. With customizable, repeatable scan schedules, it allows you to continuously scan threat-facing networks.
Divide your networks in a way that your legacy systems are protected, but in a way that allows your legacy system and operational technology to work together. By doing so, you can give teams smaller sections within which they can implement network access controls along with network monitoring in order to defend against ransomware, phishing, and other digital threats.
This will help you understand which assets are most important. SecurityShield’s comprehensive asset management covers all networked assets such as desktops, mobile devices, cloud environments, and much more. Its ongoing automated discovery detects unauthorized devices, so you are always in the know of who has access to your network and through which devices.
When a company’s data is locked, the sudden inability to operate can be disastrous. The loss of access to vital information would likely halt production. Cover your base by backing up essential data so you can continue with normal operations after being infiltrated. Having software that continuously back-up data reliably will allow you to access up-to-date critical information after losing access to your primary source.
Simple human error is responsible for a huge number of cyberattacks. While you can’t eliminate this risk entirely, you can improve your chances by developing a robust set of policies and training your workers to follow them. Teach employees to recognize potential phishing emails, and have clear policies in place for reporting suspicious messages. With continuous training and company-wide commitment to the cause, you can decrease the chances of a debilitating infiltration.
A ransomware attack on any organization can be damaging, but a successful attack on a manufacturing unit relying upon a solid supply chain to provide goods and services to others can create utter havoc. All organizations would be wise to harden their defenses and ensure that proper measures are in place to reduce the chances of a breach by cybercriminals before it’s too late.
You may also like to read our blog post on top ransomware trends.