Digitized manufacturing plants usually interconnect IT systems, which gives ransomware the opportunity to access monitoring systems, designs, intellectual property, and procurement data. So how can your organization stay ahead?
BitSight and ThirdPartyTrust teamed up to analyze hundreds of attacks over the last three years to understand the impact of ransomware in the manufacturing sector. Our research report, which is available for free download, provides industry-specific findings that will help you avoid future incidents.
While no industry is off-limits, the impact of ransomware in the manufacturing sector is especially concerning because cybercriminals are drawn to the most vulnerable and profitable sectors, which is probably why in 2020 the manufacturing sector received 17 percent of the attacks on businesses and organizations.
Apart from receiving ransom payments, cybercriminals also seek to gain access to high-value data, and the possibility to extort third parties. If the compromised data is about third parties, like suppliers, clients, and partners, attackers can use it to demand a ransom from those entities as well, expanding their reach.
Our research found that certain security program practices may be critical to reduce the likelihood of experiencing a ransomware incident. We also identified which vulnerabilities are closely tied with ransomware campaigns.
The analysis includes:
- Likelihood of ransomware based on overall security performance
- How patching cadence impacts ransomware risk
- Specific vulnerabilities tied to ransomware risk
- Certificate and configuration management tied to ransomware risk
Ransomware: A Threat That Goes Beyond The Pipeline
According to recent research, 36% of manufacturing and production organizations were hit by ransomware in the last year. 55% of data was restored, on average, after paying the ransom, leaving nearly half inaccessible.
The average cost for rectifying a ransomware attack in the manufacturing sector, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, and more, was US$1.52 million.
Recent incidents such as those suffered by Kaseya, SolarWinds, and Colonial Pipeline have shed light on the damaging impact that ransomware can have on organizations and interconnected supply chains. The scale and complexity of the attacks in the sector could disrupt the manufacturer to the point where operations are brought to a halt.
Why is ransomware growing so rapidly? What standards and practices would have helped? Our research report contains a number of critical performance indicators that can help security professionals in the manufacturing sector reduce the risk of becoming a ransomware victim.
How To Stay Ahead of Ransomware
The manufacturing sector is an integral part of a working economy, as the population relies on manufactured goods.
Ransomware and other threats will keep growing as manufacturers continue to digitize, automate, and integrate their systems, which means you must take precautions and keep upgrading systems.
Read More: 10 CISO Tips to to Prevent, Detect, Contain, and Respond to Ransomware Attacks
Cybersecurity is not a one-and-done effort, but a day-to-day risk management. Cyber hygiene best practices also need to extend to your vendors, partners, suppliers, and any third-party member of your network.
Cybercriminals are often able to find and attack the least secure business in the supply chain and use that foothold to gradually compromise their partners. Having tools that provide deep insight into the risks and security performance of every member of your supply chain is critical.
ThirdPartyTrust can help by providing a one pane of glass risk dashboard, with end-to-end vendor risk assessment automation for making informed decisions about vendors, and continuously monitoring their security posture.
Let us show you how ThirdPartyTrust can help you control ransomware and other risks across your third party supply chain. Talk to an expert today.
The Impact of Ransomware in the Manufacturing Sector
Our research report contains key findings for the manufacturing industry, so that your organization can avoid future ransomware incidents.
You will learn: which vulnerabilities are closely tied with ransomware campaigns, how to prevent them, and how can security professionals like you stay ahead.
