Along with market research I have also been flooded with every security firms’ research especially on ransomware. This one just in from Sophos written by Sally Adam contains information more positive about our market sector than the usual scare tactics I see.
Our [Sophos] new report The State of Ransomware in Manufacturing and Production 2021 reveals that companies in this sector are the least likely to submit to a ransom demand and the most likely to restore encrypted data from backups of all industries surveyed. Just 19% of organizations whose data was encrypted paid attackers to decrypt their files, compared to a global average of 32%.
The report is based on the findings from an independent survey of 5,400 IT decision makers, including 438 in the manufacturing and production sector, conducted at the start of 2021.
Overall, 36% of the manufacturing and production organizations surveyed were hit by ransomware last year which is in line with the global average of 37%. Fortunately for this sector, 68% of those whose data was encrypted were able to restore it using backups, a rate considerably above the global average (57%). This high ability to restore data from backups enables many companies to refuse attacker demands, resulting in the low ransom payment rate.
Chester Wisniewski, principal research scientist at Sophos, advises that “backups are vital, but they cannot protect against this risk, so manufacturing and production businesses should not rely on them as an anti-extortion defense. Organizations need to extend their anti-ransomware defenses by combining technology with human-led threat hunting to neutralize today’s advanced human-led cyberattacks.”
OK, So There Is a Small Scare Tactic
While manufacturing and production companies show good resilience in the face of ransomware, the survey revealed that they have the highest expectation of a future attack of all sectors. Of the respondents not hit by ransomware last year, 77% expect to be hit in the future. The sophistication and prevalence of ransomware are the key factors driving this concern.
A sector heavily impacted by the pandemic
IT teams in manufacturing and production were severely affected by the challenges of 2020. This sector was the least likely to experience a decrease in cybersecurity workload over 2020: just 7% said their cyber workload had decreased, vs. a global average of 13%. It also had the fewest respondents who saw improved response time to IT cases (15% vs. a global average of 20%). The silver lining is that cyber skills also increased, with 71% of respondents saying their team’s ability to further develop cybersecurity knowledge and skills increased over 2020.
Download the full report to explore the reality of ransomware in manufacturing and production. It also includes recommendations from Sophos experts to minimize the impact of ransomware in future.