The State of Ransomware in Manufacturing and Production 2022

Credit to Author: Doug Aamoth| Date: Wed, 26 Oct 2022 11:55:39 +0000

We have just released the State of Ransomware in Manufacturing and Production 2022 report, which offers fresh insights into the ransomware attack rates, costs and recovery, and ransom insurance payouts in manufacturing and production organizations over the last year.

The report is based on our annual study of the real-world ransomware experiences of IT professionals, of which 419 respondents belonged to the manufacturing and production sector, working in mid-sized companies (100-5,000 employees) across 31 countries.

The study reveals an increasingly challenging threat environment, with the sector reporting an above-average increase in the perceived volume and complexity of attacks. It also sheds light onto the relationship between ransomware and cyber insurance, including the role cyber insurance is playing in driving changes to cyber defenses.

Here are the key findings from the report:

  • 55% of manufacturing and production organizations were hit by ransomware in 2021, up from 36% in 2020 – an increase of 52% over the course of a year
  • At the same time, the sector reported the lowest ransomware attack rates (joint with financial services) at 55% compared to the cross-sector average of 66%
  • Manufacturing and production reported one of the lowest data encryption rates following ransomware attacks: 57% in manufacturing and production vs. 65% across sectors
  • 38% of the respondents said they were able to stop the attack before the data could be encrypted, well above the cross-sector average of 31%
  • The sector has been considerably impacted by the changing threat landscape, with 61% reporting an increase in the volume of attacks on their organization over the last year (vs. 57% cross-sector average) and 66% reporting an increase in attack complexity (vs. 59% cross-sector average)
  • Manufacturing and production reported the lowest backup use, with only 58% using backups to restore data compared to the cross-sector average of 73%
  • 33% of manufacturing and production organizations paid the ransom to restore encrypted data – one of the lowest reported ransom payment rates across all sectors and considerably below the global average of 46%.
  • The sector reported the highest average ransom payment of all sectors: $2,036,189 (of 38 respondents) vs $812,360 across sectors; a tremendous rise from the $147,917 reported in 2020 by 15 manufacturing and production respondents.
  • Only 59% of encrypted data was recovered on average in 2021 by manufacturing and production, lower than the cross-sector average recovery rate of 61%
  • The overall cost to remediate ransomware attacks for manufacturing and production organizations dropped over the last year, down from US$1.52M in 2020 to US$1.23 in 2021
  • Only 75% of manufacturing and production organizations reported having cyber insurance coverage against ransomware, lower than the cross-sector average of 83%
  • Cyber insurance is driving manufacturing and production organizations to improve cyber defenses: 97% have upgraded their cyber defenses to secure coverage
  • Manufacturing and production organizations reported insurance clean-up payout rates at par with the global average. However, it reported the lowest rate of ransom payouts of all industries, with the insurer paying out in only 30% of incidents compared to the cross-sector average of 40%

The increasing rate of ransomware attacks in manufacturing and production demonstrates that adversaries have become considerably more capable of executing attacks at scale by successfully deploying the ransomware-as-a-service model. Most manufacturing and production organizations are choosing to reduce the financial risks associated with such attacks by taking cyber insurance. For them, it is reassuring to know that insurers pay some costs in almost all claims.

It is getting harder for organizations – especially in the manufacturing and production sector – to secure coverage. This has driven almost all organizations in this sector to make changes to their cyber defenses to improve their cyber insurance positions.

Read the full report: The State of Ransomware in Manufacturing and Production 2022

http://feeds.feedburner.com/sophos/dgdY