Ransomware has been a rising area of concern for organisations – especially with the pandemic opening up new vulnerabilities for cyber attackers to exploit. As much as companies attempt to protect themselves from falling prey to such attacks, having a clear response plan outlined is also critical should an attack happen.
The State of Ransomware in Manufacturing and Production 2021 report by Sophos found that only 19% of companies in the manufacturing and production sector are willing to submit to ransom demands to have their encrypted files restored – making them the least likely to pay upon being attacked. Moreover, 68% responded that they would be able to restore their data from backups.

“While we don't know the specifics that lead to these discrepancies by industry, based on our experience helping victims it is often due to complexity of the networks and how advanced a manufacturing victim might be along the digital transformation path,” explained Chester Wisniewski, Principal Research Scientist at Sophos, on why companies in the manufacturing and production industries are better able to restore their data.
“Many manufacturing victims are able to rebuild quickly as they have often had smaller and simpler deployments than many other industries.”
Less impact if companies adopt an Industry 4.0 approach
This, however, does not guarantee that these companies are better equipped to protect themselves from ransomware. Instead, Wisniewski finds that preparedness within the industry is mixed.
“They are better able to recover their data and therefore less likely to pay out a ransom. Moreover, many are not consumer facing, so they have less reputational concerns,” he added.
“The security posture of manufacturers is hard to assess from survey data, but my experience is that they are further behind than many other sectors – it has less impact if they are not fully adopting Industry 4.0-style approaches.
“The manufacturers that have embraced technology as a central part of their business, on average, also have more advanced views of IT security and are less likely to be victimised to begin with. So it is a mix. The victims who are less advanced and have an easier recovery, and those who are advanced/complex but also have better defences – making them less likely to be a victim to begin with,” said Wisniewski.
Regardless, manufacturing and production companies are reported to worry more than any other industry about being attacked with ransomware in the future. Sixty percent attribute this to attacks becoming more sophisticated and thus harder to stop, and 46% believe that, given the prevalence of ransomware, getting hit by cybercrime is inevitable.